Rolandt

I’ve now written or edited more than 25 books published by traditional or hybrid publishers. I know what your publisher is looking for, and what they will and won’t do for you. So it’s time for some straight talk about that. Publishers in 2021 won’t generally edit your book. They are looking for a publishable … Continued

The post Why your publisher won’t edit your manuscript — and what to do about it appeared first on without bullshit.

How to win at CORS

Jake Archibald's definitive guide to CORS, including a handy CORS playground interactive tool. Also includes a useful history explaining why we need CORS in the first place.

Via @jaffathecake

What a crazy year this has been. I don't know how to keep track of time. I am 41 today, and it seems like a year passed in second. Anyway, I am blessed that my life and life of people around me have been okay. We survived. I will probably write a longer post later. But thank you for the wishes.

As usual here is my life radar. It has changed a bit from last year.

The post 41 first appeared on Thejesh GN.

What was especially remarkable about Carlota Perez’s Technological Revolutions and Financial Capital was its timing: 2002 was the middle of the cold winter that followed the Dotcom Bubble, and here was Perez arguing that the IT revolution and the Internet were not in fact dead ideas, but in the middle of a natural transition to a new Golden Age.

Note: the following is a woefully incomplete summary of what is a brilliant — and very readable — book. Jerry Neumann has written an excellent overview of Perez’s theory at Reaction Wheel; I highly recommend reading that first if you are unfamiliar with Perez’s work.

Perez’s thesis was based on over 200 years of history and the patterns she identified in four previous technological revolutions:¹

• The Industrial Revolution began in Great Britain in 1771, with the opening of Arkwright’s mill in Cromford
• The Age of Steam and Railways began in the United Kingdom in 1829, with the test of the ‘Rocket’ steam engine for the Liverpool-Manchester railway
• The Age of Steel, Electricity and Heavy Engineering began in the United States in 1875, with the opening of the Carnegie Bessemer steel plant in Pittsburgh, Pennsylvania
• The Age of Oil, the Automobile, and Mass Production began in the United States in 1908, with the production of the first Ford Model-T in Detroit, Michigan
• The Age of Information and Telecommunications began in the United States in 1971, with the announcement of the Intel microprocessor in Santa Clara, California

Perez’s argument was that the four technological revolutions that proceeded the Age of Information and Telecommunications followed a similar cycle:

However, this process is usually disjointed; Perez writes:

In real life, the trajectory of a technological revolution is not as smooth and continuous as the stylized curve presented in Figure 3.1. The process of installation of each new techno-economic paradigm in society begins with a battle against the power of the old, which is ingrained in the established production structure and embedded in the socio-cultural environment and in the institutional framework. Only when that battle has been practically won can the paradigm really diffuse across the whole economy of the core nations and later across the world…

In very broad terms, each surge goes through two periods of a very different nature, each lasting about three decades.

As shown in Figure 4.1, the first half can be termed the installation period. It is the time when the new technologies irrupt in a maturing economy and advance like a bulldozer disrupting the established fabric and articulating new industrial networks, setting up new infrastructures and spreading new and superior ways of doing things. At the beginning of that period, the revolution is a small fact and a big promise; at the end, the new paradigm is a significant force, having overcome the resistance of the old paradigm and being ready to serve as propeller of widespread growth.

The second half is the deployment period, when the fabric of the whole economy is rewoven and reshaped by the modernizing power of the triumphant paradigm, which then becomes normal best practice, enabling the full unfolding of its wealth generating potential.

What made Perez’s observation so trenchant in 2002 is that part in the middle: the turning point.

The Post-Dotcom Era

While the Installation Period begins with irruption as new technology emerges in pursuit of real world applications, it eventual transitions into a full-blown frenzy as speculative capital pursues increasingly fantastical commercial applications.

Reality, though, catches up, and the bubble pops.

This financial frenzy is a powerful force in propagating the technological revolution, in particular its infrastructure, and enhancing – even exaggerating – the superiority of the new products, industries and generic technologies. The ostentation of success pushes the logic of the new paradigm to the fore and makes it into the contemporary ideal of vitality and dynamism. It also contributes to institutional change, at least concerning the ‘destruction’ half of creative destruction.

At the same time, as mentioned before, all this excitement divides society, widening the gap between rich and poor and making it less and less tenable in social terms. The economy also becomes unsustainable, due to the appearance of two growing imbalances. One is the mismatch between the profile of demand and that of potential supply. The very process by which intense investment was made possible by concentrating income at the upper end of the spectrum becomes an obstacle for the expansion of production of any particular product and for the attainment of full economies of scale. The other is the rift between paper values and real values. So the system is structurally unstable and cannot grow indefinitely along that path.

With the collapse comes recession – sometimes depression – bringing financial capital back to reality. This, together with mounting social pressure, creates the conditions for institutional restructuring. In this atmosphere of urgency many of the social innovations, which gradually emerged during the period of installation, are likely to be brought together with new regulation in the financial and other spheres, to create a favorable context for recoupling and full unfolding of the growth potential. This crucial recomposition happens at the turning point which leaves behind the turbulent times of installation and paradigm transition to enter the ‘golden age’ that can follow, depending on the institutional and social choices made.

This certainly seems to describe the Dotcom Bubble, which was not only destructive to speculators directly but the economy broadly, even as its excesses, particularly in terms of broadband build-up, funded the infrastructure that would fuel the Internet over the next two decades. And, by extension, those two decades would seem to be the Golden Age of the “Deployment Period.” That certainly seems to be the case with technological dispersion: today over four billion people have access to the Internet, and thanks to the global nature of the web, those in developing countries can consume and create on the same platforms as the most well off.

Moreover, the “Capital” part of Perez’s theory seems to fit as well: some of the best returns over the last fifteen years have been in established public companies like Apple, Microsoft, Google, Amazon, and Facebook — “Production Capital”, in Perez’s nomenclature. Venture capital, meanwhile, which is theoretically speculative “Financial Capital”, has increasingly become professionalized and standardized, thanks in part to the rise of cloud platforms like AWS; building a new SaaS company to take on another old-world vertical certainly takes hard work, but the playbook is fairly well-known.

This was my thinking behind 2020’s The End of the Beginning; I wasn’t thinking of Perez when I wrote that, to be honest, even though I reached for the automobile example. It just seemed clear to me that the post Dotcom Bubble era had reached its natural endpoint as far as market structure was concerned; whatever came next would look significantly different.

Perez disagrees.

The Imminent Golden Age

While the introduction to Technological Revolutions and Financial Capital makes the case that the Dotcom Bubble was the Turning Point, Perez now thinks we are still waiting for the Golden Age — and that there may be another crash in the future (Perez now includes the Great Recession as part of the current revolution’s Turning Point).

Perez’s link is to the Financial Times’ Tech Tonic podcast; the pertinent part starts at the 3:48 mark:

The important thing is that the previous revolutions had the Golden Age after the recession that follows the crash. And we could now perhaps have a global sustainable Golden Age. I think it is perfectly possible with the current technologies.

What would be necessary to bring that Golden Age about? How do we need to tilt the playing field to make that happen?

Well “tilt the playing field” is the word. The first thing we have to understand is that every Golden Age has had to do with social-political choices made by governments, because capitalism really only becomes legitimate when the greed of some is for the benefit of the many.

I think in order to tell you what needs to happen next time I have to give you an example from the past, because otherwise we don’t learn anything from history, and that’s why it’s important to understand how revolutions happen before. The mass production revolution brought the post-War boom. Now what happened then? If we look at the 1930s, we have some similarities with today. We see xenophobia, we see a lot of people angry and following at that time fascism and communism, now all sorts of extremisms right and left, leaders that really offer heaven even though they cannot delivery, but the whole thing is that people are angry and disappointed.

But you also have something else which is very important, which is that there is an enormous technological potential which is not being used. Not enough investment is going in the possible innovations because there is not enough demand, and demand is normally created by some policies. But it has to be policies that are adequate for that particular revolution. So what was the previous revolution? It was about mass production. So what was the direction in which it was tilted?

Well, first of all it was the World War. And with the World War it was obvious that producing a lot of weapons made a lot of good business sense. They became cheaper and better and so on. But then at the end of the war, governments did something very important: they created a set of policies that favored suburbanization. Before the automobile you had railways, so you only had stations, and the land in-between was very cheap, it had no way of being used. But once you have the automobile you can build cheap mass-produced houses to put lots of electrical appliances inside and the car at the door. And at the same time governments made the welfare state so that workers could buy those houses. So you have home ownership and consumerism, that’s one of the directions, and the other direction was the Cold War of course, so that you had innovation going in the two directions.

If we had stayed in what was visible in the 30s, it was very difficult to imagine this Golden Age that came after the war. The same thing is happening to us now. In order to get the technologies to go in the right direction, you’ve got to tilt the playing field, and I hold that the most effective way of doing that today is tilting it towards ‘Green’.

Perez’s view on how a focus on “Green” policies could fuel a Golden Age are well fleshed-out in papers like A Smart Green ‘European Way of Life’: the Path for Growth, Jobs and Wellbeing; one insight that I find very compelling is that the demand that drives job growth is less about the technology itself and more about the new lifestyle that the technology enables (just like suburbanization drove the previous revolution).

It’s worth noting, though, that Perez has a somewhat darker interpretation of the 1930’s in Technological Revolutions and Financial Capital (emphasis mine):

Regarding recovery in the 1930s, one cannot look at the USA only. In Germany, with Hitler’s rise to power, the institutional framework was reoriented to facilitate the development of mass production (and later of mass destruction and genocide). The war economy that began after 1933 in Germany could be seen as a synergy phase of a sort. Fortunately, the Nazis failed to conquer Europe and lost the war; otherwise, National Socialist Germany might have been the center of a longer-lasting fascist world. At that same time, the Soviet economy too was developing very fast with another mode of growth that was also capable of intensively deploying mass production. This wide range of options for the deployment of that particular paradigm — including the Keynesian democracies that will have the USA as their core — is an indication of how much is at stake and how much is decided about the future of each country and of the world at the turning point of each surge.

This isn’t a throwaway observation; Perez’s chart of technological revolutions is clear that the U.S. and Europe were on different timelines:

The implication of this observation is that the “Synergy” phase is amoral; it is not guaranteed that the alignment of government with the new technological revolution and its resultant impact on people leads to a “better” outcome as far as liberal democracy is concerned. Perez noted in a footnote:

The mass-production revolution, which marked most of the institutions of the twentieth century, underlay the centralized governments and massive consumption patterns of the four great modes of growth that were set up to take advantage of those technologies: the Keynesian democracies, Nazi-fascism, Soviet socialism and State developmentalism in the so-called ‘Third World,’ each with very wide-ranging specificities.

Synergies are not always golden.

The China Model

Another observation from Perez is that new technological revolutions create the conditions for newcomers to “leapfrog”:

In periods of paradigm shift there is a window of opportunity for real catching up as well as for forging ahead. Belgium, France and the USA caught up in the installation period of the second surge; Germany and the USA forged ahead in that of the third. Most of Europe, Japan and the Soviet Union, caught up in the fourth (though the latter fell dramatically behind with the fifth).

This is where the absence of China from Technological Revolutions and Financial Capital is notable. The only mention is in the postscript:

Yet, in the globalized world of the present paradigm, demand is also global. The best promise of massive market expansion would seem to be in the incorporation of more and more countries to global growth, investment, production and consumption. Growth in the larger countries of the developing world, together with China, Russia and the ex-socialist group of Eastern Europe, could serve as a first tier to pull the others forward. It is quite obvious that these potentially huge markets are a very long way from saturation.

This was a view reflective of the era in which it was written, in which it was assumed that the Internet, in conjunction with globalization, would liberalize and ultimately democratize China. In 2000, President Bill Clinton, upon the occasion of the establishment of Permanent Normal Relations with China said in a speech:

When China joins the W.T.O., by 2005 it will eliminate tariffs on information technology products, making the tools of communication even cheaper, better, and more widely available. We know how much the Internet has changed America, and we are already an open society. Imagine how much it could change China.

Now there’s no question China has been trying to crack down on the Internet. (Chuckles.) Good luck! (Laughter.) That’s sort of like trying to nail jello to the wall. (Laughter.) But I would argue to you that their effort to do that just proves how real these changes are and how much they threaten the status quo. It’s not an argument for slowing down the effort to bring China into the world, it’s an argument for accelerating that effort. In the knowledge economy, economic innovation and political empowerment, whether anyone likes it or not, will inevitably go hand in hand.

Things obviously didn’t work out that way; if anything the Internet has allowed China to push its values onto Americans. What is worth noting, though, is that you can make the case that China has entered the Synergy phase in which government has aligned with technology to profoundly impact China’s citizens. That this entails mass surveillance, censorship, and propaganda doesn’t undo Perez’s thesis; it perhaps punctures her optimism.

There are signs a weaker, yet in some ways similar, form of synergy has happened in the U.S. as well; soon after the Dotcom Bubble came the Patriot Act, and while the political motivations were the 9/11 terrorist attacks, the implementation was very much about leveraging technology for government ends. The extent of this synergy only became clear in 2013 when the Snowden revelations exposed a vast web of surveillance conducted by tech and telecommunications companies in partnership with the NSA.

Then, over the last several years, there has been a concerted effort to push tech companies to increasingly limit misinformation on their networks, and post corrective information instead; it doesn’t take much squinting to re-label both efforts as censorship and propaganda. This is not, I would note, to pass judgment as to whether those efforts are right or wrong (although I am skeptical); merely to note that there may be more evidence of synergy between the government and tech than it seems. It’s all a bit dystopian, to be sure, but revolutions by their nature are unpredictable; it wasn’t a certainty that liberal democracy would triumph in the fourth revolution, much less the current one.

A Crypto Revolution?

As the tweet above makes clear, Perez relishes debate about her theories; I am one of many writers on the Internet who have had the distinct pleasure of getting an email out of the blue from Perez, and having a conversation where she pushes and prods to understand the other’s point of view, confident it will make her theses stronger.

And, in that spirit, I have to confess I’m not sure if this rebuttal to Perez’s current position — my sense that we are in the maturation phase of the technological revolution, complete with government synergy — is correct or not. Perez has noted that COVID-19 could end what she thinks is the elongated turning point era, much like World War II ended the elongated turning point era of the previous revolution (at least in the U.S.). It is notable, for example, that the tech industry has also been an essential element in various government lockdown strategies during the COVID pandemic, most obviously by making it possible for the economy to continue to function while people work from home, and also in enabling a work-from-home lifestyle via e-commerce and food delivery services, with all of the commensurate jobs entailed in providing these services. That is a fundamental change to society that is only getting started — perhaps a new Golden Era is in fact imminent.

At the same time, it is notable that crypto, the most obvious candidate for the next technological revolution is not — contra Perez — an obvious extension of the current era. The overarching story of Stratechery has been the rise and consolidation of the aforementioned Big 5 tech companies, and the entire premise of Aggregation Theory is the inevitability of centralization in a world of frictionless abundance. Crypto, though, is about the introduction of scarcity; its payoff is decentralization, at the cost, at least for now, of convenience and speed.

Perez writes in Technological Revolutions and Financial Capital about what the Maturity phase looks like:

This is the twilight of the golden age, though it shines with false splendor. It is the drive to maturity of the paradigm and to the gradual saturation of markets. The last technology systems and the last products in each of them have very short life cycles, since accumulated experience leads to very rapid learning and saturation curves. Gradually the paradigm is taken to its ultimate consequences until it shows up its limitations.

Yet, all the signs of prosperity and success are still around. Those who reaped the full benefits of the ‘golden age’ (or of the gilded one) continue to hold on to their belief in the virtues of the system and to proclaim eternal and unstoppable progress, in a complacent blindness, which could be called the ‘Great Society syndrome’. But the unfulfilled promises had been piling up, while most people nurtured the expectation of personal and social advance. The result is an increasing socio-political split…this is a time when deep questions about the system are being asked in many quarters; the climate is favorable for politics and ideological confrontations to come to the fore. The social ferment can become intense and is sometimes quelled with social reforms.

Meanwhile, in the world of big business, markets are saturating and technologies maturing, therefore profits begin to feel the productivity constriction. Ways are being sought for propping them up, which often involve concentration through mergers or acquisitions, as well as export drives and migration of activities to less-saturated markets abroad. Their relative success makes firms amass even more money without profitable investment outlets. The search for technological solutions lifts the implicit ban on truly new technologies outside the logic of the now exhausted paradigm. The stage is set for the decline of the whole mode of growth and for the next technological revolution.

That seems awfully descriptive of the current era, no? Products that break through reach saturation in record time (see TikTok reaching a billion users in three years, or DTC companies that seem to max out in only a couple of years), while the future of established companies seems to be quagmire in legislators and the courts, even as profits continue to pile up without obvious places to invest. And if the government’s response to the revolution has been disappointing, that also may be because of the revolution itself.

Moreover, to the extent the dystopian picture above is correct — that the real synergy has been between centralized governments and centralized tech companies, to the alarm of both those abroad and in the U.S. — the greater the motivation there is to make the speculative investments that drive the next paradigm, especially if that paradigm operates in direct opposition to the current one. To be sure this framework does imply that crypto is full of scams and on its way to inflating a spectacular bubble, the aftermath of which will be painful for many, but that is both expected and increasingly borne out by the facts as well. What will matter for the future is how much infrastructure — particularly wallet installation — can be built-out in the meantime.

For what it’s worth my suspicion is that the current Installation period for crypto — if that is indeed where we are — has a long ways to run, which is another way of saying most of the economy will remain in the current paradigm for a while longer. The time from the Intel microprocessor to the Dotcom Bubble bursting was 30 years (and, it should be noted, there were a lot of smaller, more localized bubbles along the way); Satoshi Nakamoto only published his paper in 2008. Thirteen years after 1971 was 1984, the year the Mac was introduced; the browser was another 9 years away. It’s one thing to see the future coming; it’s something else entirely to know the timing. On that Perez and I can certainly agree.

I wrote a follow-up to this Article in this Daily Update.

---

1. This list is transcribed from the second Table 2.1 — there are two — on page 11 of 2014 paperback edition of Technological Revolutions and Financial Capital ↩

I wrote this for P&G’s Signal360 publication, but I thought I’d toss it up here as well. I know I’ve been very, very absent from writing for – well, for the entire pandemic. I plan to change that, but for now, here’s a mini-rant (I could have gone on forever) about the state of the television experience for us cord cutters out there. 

---

So, I was on a panel a while ago: What Does the Future Hold for Global Privacy Controls? - YouTube

The main point here is that Global Privacy Control affects all marketing projects at a company, not just web advertising.

• If you have a GPC from a customer, it affects everything including sales of postal direct mail lists, social media custom audiences, all of it.

• If you use GPC when you place an order, and you give the seller your info, then GPC affects all of what the company can do with your info, not just your current web session or order.

Anyway, they put it up as a YouTube video, so if I want to make an audio file to listen to offline I should download and convert it.

Step 1: Make a recording with Live Recorder.

Step 2: Extract the audio stream with ffmpeg. (source: video conversion - Lossless extraction of streams from WebM - Super User)

ffmpeg -i input.webm -vn -acodec copy out.ogg

Related

cleaning up YouTube

You know that I am huge fan of the Jabra Evolve2 65. I have also testet the Evolve2 85, but I settled for the 65 because the microphone boom does not collide with my face. Now Jabra announces the Evolve2 75 and I cannot wait to test it. It adds customizable ANC and personalized sound settings. This time, the microphone boom folds back but does not turn towards the mouth. It may be too short for my face, but I have recently tested the Cisco 730 which performs well even without a boom. We will have to see how good it records in noise environments.

Think we don’t Aveny exciting things to share about the design elements for one of our best-selling ebikes? Think again. The road and rider have been considered in every step of the design phase for this model. So, in addition to all of the conventional components, we’ve incorporated elements to make every adventure more practical and powerful.

Low Step-Through Frame

This one speaks for itself. The lower frame makes it easy to step-through the bike! Not only does this make starting your journey after a long workday easier, but it’s also more accommodating to injured or older riders, or anyone wearing a skirt or dress (that’s right, no bike shorts required). Whether you’re heading to the ocean or office, any starts and stops will be much easier from your closer-to-ground position. When we consider the Aveny a city commuter ebike, this is one of the main reasons why!

Upright Seating Position

Riders of all shapes and sizes were again considered as we designed the Aveny’s seating position. Unless you’re hoping to qualify for the next Tour de France, you’ll enjoy this more upright position that is better at minimizing joint pain. Instead of hovering over handlebars, you’ll enjoy better visibility and will be able to fully experience the world around you as you cruise around. Something we can probably all use a little help with, it’s better for posture, too!

Included Fenders, Lights, and Rear Rack

Now let’s get into some Aveny accessories. The fenders, lights, and rear rack are included—and custom designed to ensure the best rider experience! So, what makes them special?

• The battery powers the lights and there’s a cable inside the fender that connects the two.
• This connection also powers the integrated rear brake lights. To ensure the safest rides, additional stop lights turn on when you brake.
• The rear rack is also connected to the fender, which combines minimalistic design with maximum stability. It features six smart mounting points and a loading capacity of 55 pounds—so you can accessorize to your heart’s content with bags, baskets, and racks. It’s also ready for quick installation of the Yepp EasyFit child seat.

Front Rack System Customization

Didn’t think we’d leave out the front when designing our modular rack system, did you? It’s also been optimized for mounted accessories on the front head-tube. Designed for maximum stability and support, it has a loading capacity of 50 pounds.

500w Motor and 48V/13ah Battery

If you don’t remember your high school physics class, let us elaborate on this high-capacity battery and powerful motor. It all starts with location. The battery is located underneath the seat for low center of gravity . Similarly, the geared hub motor can be found in the rear wheel, which allows you to summit steep hills or ride with ease with a heavy load (up to 270 pounds). These two combined give you up to 45 miles per charge and 500w of continuous power output.

Throttle up to 20mph

Here’s where that 500w motor comes in! Using the thumb throttle on the left side of the handlebars, you can reach speeds of up to 20mph. Wanting a workout or riding with kids on board? No worries, just adjust the pedal assist level. There are 5 different PAS levels to choose from: level 0 will offer no assist and level 5 will get you closer to those high speeds of 20mph. Steep hills? No sweat, PAS can help here, too. Like traditional bikes, the Aveny is also equipped with 7-speed RevoShift gears. Shift easily by twisting with your right hand. High speeds can be reached on the highest gear and you can make that hill seem a lot lower by shifting to low gears.

Large Display with USB Port

No toolbox required to change the PAS level. Located on the user-friendly front display, you’ll be able to adjust the level of pedal assist, control the LED lights, and check your battery life, trip distance, and speed. Tech lovers, rejoice—the display also has a USB port for charging your phone or speaker.

New Colors

We’ve considered everything with this ebike—and the Aveny aesthetics are no exception! We want each ride to be playful, yet sophisticated and elegant. That said, choose between Nu Cream, Burgundy, Slate Gray, and Steel Blue colors. Now that you know all that this ebike can do, be sure to read about what YOU can do to get pedaling on the right foot. Happy riding!

A common story…

The community launches and quickly reaches a critical mass of activity.

A major benefit of the community to members is being able to engage directly with staff on issues that matter to them.

However, as the community grows, staff become busier and less accessible. Members start to feel neglected and sentiment in the community gradually turns against the organisation.

There are three interrelated problems here:

First, it’s hard to translate ‘accessibility’ into a metric. As a result it can’t easily be turned into a goal and thus rarely becomes a priority – at least not alongside more measurable priorities.

Second, you often don’t notice when accessibility is slipping precisely because you’re becoming busy with other tasks. You might think you’re still engaging with members at the same level, but members know that’s not the case.

Third, it’s easy to undervalue the importance of simply being accessible. If a superuser has a question, they should be able to get a reply from you within 24 hours in a private group. It’s good for engineers to visit the community frequently and tackle some questions. It shows the organisation cares.

Being accessible is important. It’s one of the major reasons to build a brand community in the first place. You get to give your most important audiences better access to you and each other.

The problems above also highlight a solution:

1) Make accessibility a metric you’re accountable for. Either add it as a question in your annual (or bi-annual) survey or measure the number of staff engagement in the community.

2) Recognise that new priorities will make you less accessible. As the community expands, you will become less accessible unless your headcount expands with the community.

3) Gather anecdotal feedback showing the importance of direct engagement. Whenever you see a positive outcome of direct engagement, capture it in Evernote (or any tool you like) and build up a growing collection of powerful stories to persuade others.

It might not entirely solve the problem, but it should hopefully help.

The post Putting A Price On Being Accessible first appeared on FeverBee.

Last week on Thursday, I read about the release of a fix for a new Apache 0-day vulnerability that was already exploited in the wild. At first I was a bit concerned, because I run quite a number of VMs with Apache on it. Fortunately, it turned out pretty quickly that my servers were not affected. However, after checking my web server logs, I noted that if my systems had been vulnerable, I would have been hacked long before I read the first article in my RSS stream. Hackers don’t sleep, the press is slow, and I’m even slower!

First a few words about not being affected: It turned out that the bug in question that allowed a directory traversal attack to get out of the web root directory was only introduced in the latest version of Apache. Fortunately, I’m running Ubuntu 18.04 and 20.04 on my servers and the latest version has not yet made it there. And even if it had, I would have still been safe, as the bug was only exploitable if an admin had changed the default configuration. I didn’t. Still, I’d say this was a close call.

I first noticed a report about the threat on Thursday afternoon last week in my RSS stream. Checking my RSS stream later-on for the first article on the topic, I saw that there were a number of earlier articles that I skipped, and that the first one was from Wednesday, mid day. When I looked into my server logs, I saw that first web crawlers started looking for vulnerable hosts long before then. The first I could find in my logs was from Wednesday morning, 5:15 am. In other words, if my systems had been vulnerable, the game would have been long over even if I had caught the first press report. Close call or not, that’s the alarming thing in the first place.

It’s also interesting to see what the crawlers were looking for: The vulnerability they were trying to exploit is a directory traversal attack to get out of the web root directory. And here are some interesting targets they were looking for:

GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd

GET /cgi-bin/.%2e/%2e%2e/%2e%2e/[...]/%2e%2e/etc/hosts

POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh

[...] inserted by me to shorten that path

The ‘passwd’ file is obviously interesting for attackers, as it contains the names of the user accounts on the server. The encrypted passwords, however, are in the ‘shadow’ file which is only readable by root. Reading that file to be able to brute force the passwords would have required yet another configuration blunder from the admin. The ‘hosts’ file is also interesting, as it would have told an attacker a bit about the local network. The HTTP POST for ‘sh’ is probably the most nefarious request, as the attacker tried to put a new shell executable in place to get a backdoor.

So let’s say I would have been affected by this 0-day, what would I have done? Since the logs clearly show that break-ins appeared already, I think the only way forward would have been to immediately take the VMs offline, create a backup for a post-mortem, and then to restore the system partition and user home directory from an earlier backup. Fortunately, I do keep backups of system partitions so I could have done that with relatively little effort. Still, data might have leaked, so that is only one part of the story. Fortunately, I was not affected, but it shows that there are no guarantees and we are all walking on thin ice here.

I was thinking about why I trust one particular doctor more than others. It comes down to two things: expertise and empathy. Neither, by itself, is sufficient. The doctor is Caroline Levine. She is a specialist who I visit at least twice a year, and who is protecting my health from serious jeopardy. She has … Continued

The post How the empathetic expert generates trust appeared first on without bullshit.

Overney2020 Cassandra Overney, Jens Meinicke, Christian Kästner, and Bogdan Vasilescu: "How to not get rich: an empirical study of donations in open source". Proc. International Conference on Software Engineering (ICSE), 2020, 10.1145/3377811.3380410.

Open source is ubiquitous and many projects act as critical infrastructure, yet funding and sustaining the whole ecosystem is challenging. While there are many different funding models for open source and concerted efforts through foundations, donation platforms like PayPal, Patreon, and OpenCollective are popular and low-bar platforms to raise funds for open-source development. With a mixed-method study, we investigate the emerging and largely unexplored phenomenon of donations in open source. Specifically, we quantify how commonly open-source projects ask for donations, statistically model characteristics of projects that ask for and receive donations, analyze for what the requested funds are needed and used, and assess whether the received donations achieve the intended outcomes. We find 25,885 projects asking for donations on GitHub, often to support engineering activities; however, we also find no clear evidence that donations influence the activity level of a project. In fact, we find that donations are used in a multitude of ways, raising new research questions about effective funding.

We have long advised Web users to look for HTTPS and the lock icon in the address bar of their favorite browser (Firefox!) before typing passwords or other private information into a website. These are solid tips, but it’s worth digging deeper into what HTTPS does and doesn’t do to protect your online security and what steps you need to take to be safer.

Trust is more than encryption

It’s true that looking for the lock icon and HTTPS will help you prevent attackers from seeing any information you submit to a website. HTTPS also prevents your internet service provider (ISP) from seeing what pages you visit beyond the top level of a website. That means they can see that you regularly visit https://www.reddit.com, for example, but they won’t see that you spend most of your time at https://www.reddit.com/r/CatGifs/. But while HTTPS does guarantee that your communication is private and encrypted, it doesn’t guarantee that the site won’t try to scam you.

Because here’s the thing: Any website can use HTTPS and encryption. This includes the good, trusted websites as well as the ones that are up to no good — the scammers, the phishers, the malware makers.

You might be scratching your head right now, wondering how a nefarious website can use HTTPS. You’ll be forgiven if you wonder in all caps HOW CAN THIS BE?

The answer is that the security of your connection to a website — which HTTPS provides — knows nothing about the information being relayed or the motivations of the entities relaying it. It’s a lot like having a phone. The phone company isn’t responsible for scammers calling you and trying to get your credit card. You have to be savvy about who you’re talking to. The job of HTTPS is to provide a secure line, not guarantee that you won’t be talking to crooks on it.

That’s your job. Tough love, I know. But think about it. Scammers go to great lengths to trick you, and their motives largely boil down to one: to separate you from your money. This applies everywhere in life, online and offline. Your job is to not get scammed.

How do you spot a scam website?

Consider the uniform. It generally evokes authority and trust. If a legit looking person in a spiffy uniform standing outside of your bank says she works for the bank and offers to take your cash in and deposit it, would you trust her? Of course not. You’d go directly to the bank yourself. Apply that same skepticism online.

Since scammers go to great lengths to trick you, you can expect them to appear in a virtual uniform to convince you to trust them. “Phishing” is a form of identity theft that occurs when a malicious website impersonates a legitimate one in order to trick you into giving up sensitive information such as passwords, account details or credit card numbers. Phishing attacks usually come from email messages that attempt to lure you, the recipient, into updating your personal information on fake but very real-looking websites. Those websites may also use HTTPS in an attempt to boost their legitimacy in your eyes.

Here are some things you should do.

Don’t click suspicious links.

I once received a message telling me that my Bank of America account had been frozen, and I needed to click through to fix it. It looked authentic, however, I don’t have a BoFA account. That’s what phishing is — casting a line to bait someone. If I did have a BoFA account, I may have clicked through and been hooked. A safer approach would be to go directly to the Bank of America website, or give them a call to find out if the email was fake.

If you get an email that says your bank account is frozen / your PayPal account has a discrepancy / you have an unpaid invoice / you get the idea, and it seems legitimate, go directly to the source. Do not click the link in the email, no matter how convinced you are.

Stop for alerts.

Firefox has a built-in Phishing and Malware Protection feature that will warn you when a page you visit has been flagged as a bad actor. If you see an alert, which looks like this, click the “Get me out of here!” button.

HTTPS matters

Most major websites that offer a customer login already use HTTPS. Think: financial institutions, media outlets, stores, social media. But it’s not universal. Every website out there doesn’t automatically use HTTPS.

With HTTPS-Only Mode in Firefox, the browser forces all connections to websites to use HTTPS. Enabling this mode provides a guarantee that all of your connections to websites are upgraded to use HTTPS and hence secure. Some websites only support HTTP and the connection cannot be upgraded. If HTTPS-Only Mode is enabled and a HTTPS version of a site is not available, you will see a “Secure Connection Not Available” page. If you click Continue to HTTP Site, you accept the risk and then will visit a HTTP version of the site. HTTPS-Only Mode will be turned off temporarily for that site.

It’s not difficult for sites to convert. The website owner needs to get a certificate from a certificate authority to enable HTTPS. In December 2015, Mozilla joined with Cisco, Akamai, EFF and University of Michigan to launch Let’s Encrypt, a free, automated, and open certificate authority, run for the public’s benefit.

HTTPS across the web is good for Internet Health because it makes a more secure environment for everyone. It provides integrity, so a site can’t be modified, and authentication, so users know they’re connecting to the legit site and not some attacker. Lacking any one of these three properties can cause problems. More non-secure sites means more risk for the overall web.

If you come across a website that is not using HTTPS, send them a note encouraging them to get on board. Post on their social media or send them an email to let them know it matters: @favoritesite I love your site, but I noticed it’s not secure. Get HTTPS from @letsencrypt to protect your site and visitors. If you operate a website, encrypting your site will make your it more secure for yourself and your visitors and contribute to the security of the web in the process.

In the meantime, share this article with your friends so they understand what HTTPS does and doesn’t do for their online security.

The post HTTPS and your online security appeared first on The Mozilla Blog.

cartoon by Bill Bramhall in the NY Daily News

I confess: I am easily seduced into fear over the vast amount of, and seeming power of, misinformation and disinformation in our modern world. As the US and other parts of the world slide closer and closer to embracing fascism, my anxiety about the role misinformation and disinformation, and the social and other media that traffic in them, play, just keeps growing.

So I was both challenged and relieved by an astonishing article entitled Bad News in the September edition of Harper’s magazine (the whole special issue is worth a read), written by Buzzfeed’s Joseph Bernstein. Joseph’s compellingly argued thesis is (my paraphrasing):

1. Most of the political information, including misinformation and disinformation, read and propagated on social media is viewed by the vast majority, if it is absorbed and considered at all, with skepticism, no matter who it comes from. It almost never changes anyone’s mind.
2. What social media have done is to simply display, in a particularly garish and ghastly fashion, what many, perhaps the majority of people already, preposterously, believe.
3. And what we read and repost in social media is what conforms to what we already believe, and what we want to believe, often without any regard for its truth or the evidence (or lack thereof) supporting it. Social media mostly reflect, rather than influence, what we believe.
4. In even worse news for the Silicon Valley paper billionaires, there is compelling evidence that advertising in social media, including political advertising, simply doesn’t work. It is read and appreciated by, and only by, people who were already intending to “buy” what the ad was selling. The billions that advertisers spend on social media (and in most other places), is simply a waste of money, enriching only the advertising and PR industries that sell to gullible businesses and politicians, and, of course, adding to the “cost” of the product that the consumer ultimately has to bear.
5. Facebook, Twitter and Google, then, are basically gussied-up versions of the free “buy and sell” advertising+fluff newspapers you get in street-corner boxes and handed to you on commuter trains — they offer no content or analysis of their own, only regurgitated stuff that corporations, politicians and other sellers are willing to directly or indirectly pay them for — advertisements and promotions for products, political candidates, opinions, and ideas.
6. Citing Jacques Ellul, author of a landmark study on propaganda, Joseph says: “Ellul dismissed a ‘common view of propaganda . . . that it is the work of a few evil men, seducers of the people.’ He compared this simplistic story to midcentury studies of advertising ‘which regard the buyer as victim and prey.’ Instead, he wrote, the propagandist and the propagandee make propaganda together. One reason to grant Silicon Valley’s assumptions about our mechanistic persuadability is that it prevents us from thinking too hard about the role we play in taking up and believing the things we want to believe. It turns a huge question about the nature of democracy in the digital age—what if ‘the people’ believe crazy things, and now everyone knows it?”

Joseph scathingly lists the long-standing dysfunctionalities of the American political and social culture that have contributed to so many believing so many “crazy things”, and the whole article is worth reading and thinking about. As for social media, he writes:

Facebook is full of ugly memes and boring groups, ignorant arguments, sensational clickbait, products no one wants, and vestigial features no one cares about. And yet the people most alarmed about Facebook’s negative influence are those who complain the most about how bad a product Facebook is. The question is: Why do disinformation workers think they are the only ones who have noticed that Facebook stinks?

He concludes:

It’s possible that the Establishment needs the theater of social-media persuasion to build a political world that still makes sense, to explain Brexit and Trump and the loss of faith in the decaying institutions of the West. The ruptures that emerged across much of the democratic world five years ago called into question the basic assumptions of so many of the participants in this debate—the social-media executives, the scholars, the journalists, the think tankers, the pollsters. A common account of social media’s persuasive effects provides a convenient explanation for how so many people thought so wrongly at more or less the same time. More than that, it creates a world of persuasion that is legible and useful to capital—to advertisers, political consultants, media companies, and of course, to the tech platforms themselves. It is a model of cause and effect in which the information circulated by a few corporations has the total power to justify the beliefs and behaviors of the demos. In a way, this world is a kind of comfort. Easy to explain, easy to tweak, and easy to sell, it is a worthy successor to the unified vision of American life produced by twentieth-century television. It is not, as Mark Zuckerberg said, “a crazy idea.” Especially if we all believe it.

So if we want to be concerned about the nonsensical, potentially destructive beliefs of so many of our fellow citizens, we should not be blaming social and other media or trying to “fix” them, but asking ourselves how such preposterous beliefs came to be so widespread in the first place — probably long before social media (and the responses of many to climate change, systemic racism, and CoVid-19) brought these preposterous beliefs to our chagrined attention.

For example: If we want to understand skepticism, in the US especially, of the pronouncements of public health experts about the pandemic, we might start by appreciating that the US health system has evolved to be an utterly and obscenely bloated and inept bureaucracy, offering a pay-as-you-go (if you can afford it) two-tier system that has evolved to benefit for-profit insurance companies, for-profit pharmaceutical companies, extravagantly expensive medical schools, self-entitled corporate executives and extremely rich citizens, and the politicians whose campaigns they fund, and no one else.

As a result, as many Americans use “alternative” medicine resources (many of them shady and even dangerous, like homeopathy and faith healing) as use the expensive, dysfunctional “primary” healthcare system. Most Americans have in one way or another been abused (by neglect, malpractice, or misinformation) by the US medical system, which is, in fact, one of the leading causes of death in the country. So when someone suggests that the latest mandates (which seem to change all too quickly with the political winds), vaccines, and other impositions of the pandemic are fraudulent, there’s a lot of people who are already predisposed to believe that’s true.

What’s more interesting, then, than the role the social and other media have played in providing a venue for the expression of extreme distrust, is what lies behind our propensity to believe they have played any role at all? Americans elected Nixon, and Reagan, before there were social media. They built bomb shelters, believed “better dead than Red”, and held anti-communist witch hunts. They fell for religious and political bigots, organized vigilante groups and worse, believed in absurd and deadly cures for physical and mental diseases, and joined all manner of cults. Why should the 21st century context for what people believe, and are prepared to do in support of those beliefs, be any different? The average American, according to a recent Forbes report, reads at below a sixth grade level of comprehension.

So what if we were to acknowledge that social media are just over-hyped bit players in a bewildered world that has always been prone to believing falsehoods because they’re more comfortable and consistent with what people want to believe, than the truth? What do we do then?

Well, we could ridicule them, get outraged by them, shun them, or dismiss them as “deplorables”. Or we could reach out to them, without expectations, and understand how they came to believe what they believe. Not that we’re going to change their minds. Sorry, idealists, that ain’t going to happen. Any more than you’re going to join the ranks of the Trumpists and Brexiteers and born-again creationist hordes and conspiracy theorists and faith healers and QAnon groupies. But just to understand where we stand. We, plural.

Our human civilization culture, with its 7.8B hostages, is collapsing, ecologically, economically, and, inevitably, to some extent socially as well. We all sense it. The evidence is everywhere. Sooner or later, as collapse takes hold, we are going to have to start to build local communities from the ground up with the people with whom we find ourselves. Some, perhaps most, of those people are going to believe, and believe in, some ludicrous things, things that will horrify and appal you, and you’re not going to talk them out of their beliefs.

You’re going to have to build a local community that works with them. Might as well start now to figure out what you’re going to have to work with.

In the meantime, if you’re paying for advertising, especially on social media, Joseph’s article should convince you that you’re being had. If someone in the business of persuasion — a corporation or a politician or a media ‘representative’ or a guru or an ‘influencer’ or a movement ‘leader’ or an op-ed writer — tries to sell you something, anything… caveat emptor.

But then, if you were going to buy what they’re selling, you would have bought it anyway. So… never mind.

PS: Bonus: Joseph is interviewed by Harper’s web editor on this podcast.

In C, 'main' returns an int. What happens when you don't explicitly return a value, though? C99 provides a return value of 0, but C89... well, that's undefined, my favorite kind of behavior.

Shortly after Apple’s virtual event last month concluded, some people wondered out loud if the Apple Watch Series 7 was a placeholder. The rumor hill was confident that Apple was going to extend the design language found with the iPhone and iPad by announcing an Apple Watch with flat edges. Instead, Apple unveiled an Apple Watch Series 7 display with curved edges. The apparent lack of other noteworthy features was then used by some as evidence of Apple rushing the Series 7 to unveil something in front of the holidays.

Nothing could be further from the truth.

For the past few days, I’ve been using an Apple Watch Series 7 (45mm - Aluminum Green). The best descriptive words regarding the Series 7 that come to mind are fun, fulfilling, and endearing. The Series 7’s targeted updates help to advance computing on the wrist while addressing some known friction points that had accompanied daily usage. There is nothing like the Apple Watch in the market, and Apple continues to run forward with a device ushering in a paradigm shift in computing. 

The following are my initial impressions from using an Apple Watch Series 7.

Larger Screen. Apple Watch Series 7 marketing is anchored around the larger screen - and for good reason. Much to my surprise, reducing the display borders by 40% gives the Series 7 a completely different kind of Apple Watch experience. Instead of using the Series 7’s larger screen (20% larger than the Series 6) to include more text and information, Apple leveraged the additional screen real estate to make buttons and text larger. This was a smart decision. Instead of having Series 7 owners spend more time looking at their wrists, the larger screen makes it easier to quickly gather information and not get lost in the watch. 

One way of describing the Apple Watch’s screen size changes over the years is that the Series 4 went after the low-hanging fruit. There was value found in simply fitting more stuff on a bigger screen. The Series 7 screen (50%+ larger than the Series 3) feels like the refinement step, focusing more on the finer things like larger font and click areas that end up having a larger impact on daily usage. 

Larger Footprint. Apple Watch Series 7 has a slightly larger form factor than the Series 6 (45mm and 41mm vs 44mm and 40mm). The larger size on the wrist was not noticeable. The Series 7 Aluminum doesn’t feel heavier than the Series 6 either despite weighing 7% more. Weight becomes a bigger issue when moving to the Stainless Steel from Aluminum. As someone who has worn the Aluminum regularly for years, the Stainless Steel is too heavy for my taste. There will come a point at which the larger Apple Watch option starts to become unwieldy, but I don’t think we are at that point yet.

Setup. It took about 20 minutes to set up the Series 7 with an iPhone 13 Pro using Restore from Backup. Similar to how the iPhone setup process has become streamlined over the years, the days of needing to wait until the weekend to set up your new Apple Watch for fear of running into issues are over. 

Brighter Screen. Similar to how the Series 7’s larger screen jumped out at me, the 70% brighter always-on screen was also noticeable. To the user’s eye, it pretty much seems like the Apple Watch screen has the same brightness regardless of one’s wrist position. With the Series 6, I found myself needing to tap the screen when in the “always-on” state and not in a direct line of sight because it wasn’t bright enough. 

Color. Apple unveiled five new aluminum colors - Green, Blue, Product Red, Starlight, and Midnight. The green is very attractive, reminding me more of a greenish black. In certain light conditions, the Watch comes across as having a black case. 

 

 

Battery Life. Apple has been following an “all day” battery life strategy for Apple Watch. Instead of removing Watch features to extend battery life to two to three days, Apple has strived to have Apple Watch battery life last as close to a full day as possible without the wearer needing a quick boost in the middle of the day. For the most part, Apple has been successful with that objective. Obviously, Apple Watch battery life is dependent on usage. Someone that goes heavy on workouts, podcast listening, and GPS will struggle getting through the whole day on a single charge. However, on average, the Apple Watch should last from a morning charge to getting ready for bed approximately 18 hours later. 

In recent years, sleep tracking has complicated Apple’s battery goal for Apple Watch. It’s no longer enough for Apple Watch to last a full day. It also needs to last the subsequent night. Quick charge is Apple’s solution. In the amount of time someone takes to get ready for bed, an Apple Watch can get enough charge (~20%) to do six to eight hours of sleep tracking and then be ready for a longer (~45 minutes) charge in the morning.

Based on my rudimentary testing, the strategy holds true. Thanks to an updated charging architecture and fast-charging USB-C cable, I was able to charge the Apple Watch Series 7 from 0% to 82% in 45 minutes. That is favorable to Apple’s 80% battery charge in 45 minutes claim. As for Series 7 and Series 6 charging, I achieved 25% to 30% faster charging for the Series 7 using the same 20W USB-C power adapter for both the Series 7 and 6. Apple claims the Series 7 has “up to 33% faster charging” than the Series 6 when using a 20W USB-C power adapter with the Series 7 and a 5W USB power adapter with the Series 6. 

In practice, does all of this battery life strategizing work for the average Apple Watch wearer?  The short answer is “yes.” Most Apple Watch wearers will likely end up getting through the day and night on a single charge. A roughly 30 minute charge in the morning will then be enough to get through the following day. Of course, there is room for Apple to improve Apple Watch battery life. There will likely always be room for battery life improvement. 

Full-Size Keyboard. Two words: scary good. I was impressed with Apple’s slide-to-text technology that relies on machine learning to predict what I’m typing. Heading into the Series 7, my view was that tapping or sliding on an Apple Watch screen to write messages or emails didn’t make much sense. Instead, dictation was the way forward. That idea hasn’t completely gone away for me. It’s still faster to dictate messages on the wrist instead of typing. However, using voice for dictation has its limitations, especially when it comes to privacy. It’s just not practical or useful to use voice to dictate messages when in meetings or public settings. By including a built-in full-size keyboard for the first time (third-party options were previously available), Apple has essentially given the Apple Watch a new user input. 

 

 

In a related note, as discussed above, the larger touch areas made possible by the 20% larger screen really do make a difference. For example, it’s easier and more enjoyable using the calculator app.

 

 

Putting the Series 7 Into Perspective. As someone who has worn an Apple Watch daily for the past six years, the Series 7 is up there with the Series 4 as being the most noteworthy upgrade to date. It’s that good. That may come off as surprising given the lack of new features found with the Series 7. However, quality always trumps quantity when it comes to new features. The primary reason for the Series 7 receiving such a high honor is that a larger screen plays a very big role in my day-to-day Apple Watch experience. The wrist is among some of the most valuable real estate for computing, and a larger Apple Watch screen takes advantage of that premium real estate.

At the same time, Apple’s ongoing dedication to Apple Watch’s rectangular design heritage is appreciated. Apple could certainly go in different directions with Apple Watch case design, but the company’s continued commitment to positioning Apple Watch as a general computing device ends up being met with a screen designed to display text and information. Apple’s focus on maintaining all-day battery life despite larger power requirements, like a brighter and larger screen, is also something that can’t be ignored. 

One Final Thing About the Series 3. Apple continues to sell the Apple Watch Series 3 alongside the flagship Series 7. Apple is relying on a different strategy here than with the iPhone and iPad. By not keeping last year’s Apple Watch series around, Apple ended up creating a larger gap in feature set between models. The end result is more people opting for the latest and greatest. When comparing the Series 7 to the Series 3, it’s no surprise that the Series 7 will grab the majority of sales. Interestingly, the Apple Watch SE (basically a rebranded Series 4) wasn’t updated last month either. This will only serve to funnel additional sales to the Series 7. 

There are a few reasons for Apple to keep the Series 3 in the lineup. Price is a big one. For some users, budget is the most important purchasing consideration. The Series 3 is just $199 in comparison to $399 for Series 7 GPS. The Series 3 also prevents a price umbrella from forming under the flagship model. With the Series 3 still available for sale, it’s difficult for an Apple Watch competitor to gain traction in the $150 to $200 range. Despite being four years old, the Series 3 can still hold its own relative to the competition. That just goes to show how far Apple is with its wearables strategy. 

As someone who has used both the Series 3 and now Series 7, the difference between the two models is like day and night. It’s hard to imagine going from a Series 7 back to a Series 3. The $200 price gap comes across as small. The thing is, the Apple Watch is a new user story. Unlike the iPhone, Apple Watch sales are driven by customers buying their first Apple Watch. A Series 3 still beats a bare wrist.

Listen to the corresponding Above Avalon podcast episode for this article here.

Receive my analysis and perspective on Apple throughout the week via exclusive daily updates (3 stories per day, 12 stories per week). Available to Above Avalon members. To sign up and for more information on membership, visit the membership page.

For additional discussion on this topic, check out the Above Avalon daily update from October 14th.

Did something out of my ordinary yesterday afternoon, I went to the movie theatre, on my own. To see Dune. The Dune series I’ve read many times, and I was curious to see how they made it into a movie. It’s following the book pretty closely, if not too closely, making it struggle to keep forwards momentum I feel. I wonder what someone who hasn’t read Dune thinks of the movie’s story, does it at all make sense? It’s long, and covers just a portion of the book ([UPDATE 20211017 upon rereading I realise it covers almost exactly half the book]). I wonder if they’ll greenlight the second planned part, which is where the action will be.

Had an almost private viewing of Dune yesterday afternoon, in the Amersfoort Pathé theatre

Returning home I picked up the paperback I have, but seeing the tiny print, on E’s suggestion opted for an e-book version. Will be re-reading the entire series I suspect…

23-25 June 2022, Catholic University of Eichstaett-Ingolstadt, Eichstaett, Bavaria Germany Call for Papers: Please send an abstract of not more than 250 words to: sac-conf@ku.de by 15 December 2021. Place has become a pivotal concept …

In reply to A Triumph for Blogging by Wouter Groeneveld

I recognise what you write very much. Blogging for me is about having distributed conversations, and starting my blog all those years ago caused a sort of Cambrian explosion in the interaction I had around the world, which led to conferences, meet-ups, shifting interests, Reboot, and my wife’s and my spread out circle of friends, unconferences for our birthdays, and ultimately also to the type of work I’ve been doing for the past 15 years. It’s not that it automatically happened or followed from blogging, but blogging has turned out to be the loom with which a lot of the fabric of my life has been (inter)woven. Thank you for expressing how that worked similarly for you the past years, and happy to hear my blog played a role in that.

Since taking blogging a bit more serious a few years ago, I’ve had the opportunity to meet some truly wonderful people. This is a short ode to blogging….

Wouter Groeneveld

Gao2020 Gao Gao, Finn Voichick, Michelle Ichinco, and Caitlin Kelleher: "Exploring Programmers' API Learning Processes: Collecting Web Resources as External Memory". Symposium on Visual Languages and Human-Centric Computing (VL/HCC), 2020, 10.1109/vl/hcc50065.2020.9127274.

Modern programming frequently requires the use of APIs (Application Programming Interfaces). Yet many programmers struggle when trying to learn APIs. We ran an exploratory study in which we observed participants performing an API learning task. We analyze their processes using a proposed model of API learning, grounded in Cognitive Load Theory, Information Foraging Theory, and External Memory research. The results provide support for the model of API Learning and add new insights into the form and usage of external memory while learning APIs. Programmers quickly curated a set of API resources through Information Foraging which served as external memory and then primarily referred to these resources to meet information needs while coding.

That's right! The Crazy Bars are in stock and ready to go out. Full disclosure, we get emails about these daily so we expect them to go fast.

Here’s a common conundrum:

If you (the community manager) respond to a question in a community, other members are less likely to respond. This makes it harder for top members to earn points and feel a sense of influence.

But if you don’t respond to a question in a community, it can linger and look bad. It also means the person asking a question is waiting for a response and becoming increasingly frustrated.

Most community folks treat this as a binary problem and resort to either answering every question they can or only answering questions after 3 to 4 days have passed. Neither is ideal and reflects a lack of thinking about which questions you should or shouldn’t be answering.

There are two levels to this depending upon what data you have access to.

If you have limited data, you immediately respond to questions which:

• You know it will be hard for most members to answer.
• Don’t have a solution.
• Stress a high level of urgency/frustration.
• Are from first-time participants.
• Are from high-value members/customers.

If you can scrape or analyse the data, you can If you have limited data to see what kind of questions will or won’t be responded to.

You can see an example below:

Product categories 3 and 4 – leave for members
In the above example, you probably don’t need to jump in for questions in several categories (especially product 4 product 3).

Developers and partners – check responses and add value
It’s also clear that developers and partners aren’t getting good responses. So you may want to check the responses you do get and add value where you can.

Product 1 – Escalate after 300 minutes
It’s also clear that the ‘product 1’ category has a high time to first response, but a low response rate. This suggests members are answering the easy questions, but the rest linger. You might set a rule that if a question lingers here for more than 300 minutes you jump in.

Product 2 – Jump in immediately
Finally, product 2 has poor responses all round. You should immediately jump in and answer these questions because the community doesn’t seem to have the expertise to do it.

Like most things, this isn’t a binary problem. You can dive deeper and develop a much better solution.

p.s. If you want to be really fancy, you can build a model using category, subject title, post length, and sender information to predict which questions will receive a response and jump in those that are unlikely to get a reply.

The post Should You Respond To Questions Before Your Members? first appeared on FeverBee.

Most television shows don't get past the first season, but there are some that manage to stick around. These are the 175 longest running shows on IMDb that have ratings.

Read More

This week I came across an article titled “Why don’t video games take sex seriously?”… so naturally I clicked it. I was pleased to find the article featured Robert Yang, one of my favorite game designers that I follow on Twitter. I like Yang because our lives are so entirely dissimilar; I’m a straight white guy who makes corporate websites and he’s a gay asian man who makes a lot of homoerotic sex simulator games. If I recall correctly, I started following him about five years ago because of this tweet about level design and I was hooked. Even though I’m not the target audience of his controversial (but yet not controversial) games, I admire and appreciate Yang’s work.

Back to the article about video game sex. One particular passage stuck out to me…

Bodies in games don’t feel soft, Yang points out. They are made for running and shooting, not holding hands or kissing. “I could make a shooter in five minutes,” he says, “but if you tell me to make a hugging game, that’s really hard. Designing intimacy, closeness, simulating objects touching slowly – these are really hard in game development because so little attention has been paid to this space.”

What an incredible revelation of priorities! We’ve prioritized violence in games, in part, because it’s easy. As Yang and his list of banned games exemplifies, a violent game is more socially acceptable than an intimate game. You can sell, market, and stream the violent game. Much tooling exists for creating violence faster. But making compelling intimacy… not so much.

In a GDC talk called Sexy Microtalks: Making Intimacy Romance, and Sex in Games (also featuring Robert Yang), narrative designer Michelle Clough explains the power of narrative and language in games. She contrasts common action verbs of romance novels (another story telling format) and common action verbs for game mechanics. The results couldn’t be more opposite.

It reminds me of a quote I heard from game designer Hideo Kojima talking about his game Death Stranding, which I wrote about in a post called Sticks and Ropes.

[T]he stick is the first tool that mankind created to put distance between himself and bad things — to protect himself… [T]he second tool mankind created is a rope. A rope is a tool used to secure things that are important to you. Most of your tools in action games are sticks. You punch or you shoot or you kick. The communication is always through these sticks, I want people to be connected not through sticks, but through what would be the equivalent of ropes.

I’m not one of those “violent games makes kids violent” people, I’m the opposite and I think the data disproves that conservative trope. I do wonder if these games, their actions, and the general aire of competitiveness contribute towards amplifying toxicity and toxic masculinity. Transgressive actions prioritized over bonding actions. What if there was more compelling content centered around not attacking each other? And beyond video game content, I’d feel comfortable abstracting that thought to tweets, blogs, political ads, JavaScript frameworks, and so on…

Anyways, it’s a thought-provoking read about sex in video games and why it’s notoriously horrifying, awkward, and bad.

The post The Future of German Competitiveness appeared first on Innosight.

When you figure something tricky out, write a blog post about it. Maybe a decade later it will help someone out of a jam:

You are f*cking amazing. I was pulling my hair out in Germany trying to figure this out. Thank you, thank you, thank you!

See alsoe A Triumph for Blogging.

Bogomolov2021 Egor Bogomolov, Vladimir Kovalenko, Yurii Rebryk, Alberto Bacchelli, and Timofey Bryksin: "Authorship attribution of source code: a language-agnostic approach and applicability in software engineering". Proc. European Software Engineering Conference/International Symposium on the Foundations of Software Engineering (ESEC/FSE), 2021, 10.1145/3468264.3468606.

Authorship attribution (i.e., determining who is the author of a piece of source code) is an established research topic. State-of-the-art results for the authorship attribution problem look promising for the software engineering field, where they could be applied to detect plagiarized code and prevent legal issues. With this article, we first introduce a new language-agnostic approach to authorship attribution of source code. Then, we discuss limitations of existing synthetic datasets for authorship attribution, and propose a data collection approach that delivers datasets that better reflect aspects important for potential practical use in software engineering. Finally, we demonstrate that high accuracy of authorship attribution models on existing datasets drastically drops when they are evaluated on more realistic data. We outline next steps for the design and evaluation of authorship attribution models that could bring the research efforts closer to practical use for software engineering.

The worldwide shipping crisis is bad. Here are some reasons:

1. “Just in time” manufacturing, shipping, delivery, and logistics. For several decades, the whole supply system has been optimized for “lean” everything. On the whole, no part of it fully comprehends breakdowns outside the scope of immediate upstream or downstream dependencies.
2. The pandemic, which has been depriving nearly every sector of labor, intelligence, leadership, data, and much else, since early last year.
3. Catastrophes. The largest of these was the 2021 Suez Canal Obstruction, which has had countless effects upstream and down.
4. Competing narratives. Humans can’t help reducing all complex situations to stories, all of which require protagonists, problems, and movement toward resolution. It’s how our minds are built, and why it’s hard to look more deeply and broadly at any issue and why it’s here. (For more on that, see Where Journalism Fails.)
5. Corruption. This is endemic to every complex economy: construction, online advertising, high finance, whatever. It happens here too. (And, like incompetence, it tends to worsen in a crisis.)
6. Bureacracies & non-harmonized regulations. More about this below*.
7. Complicating secondary and tertiary effects. The most obvious of these is inflation. Says here, “the spot rate for a 40-foot shipping container from Shanghai to Los Angeles rising from about $3,500 last year to $12,500 as of the end of September.” I’ve since heard numbers as high as $50,000. And, of course, inflation also happens for other reasons, which further complicates things.

To wrap one’s head around all of those (and more), it might help to start with Aristotle’s four “causes” (which might also be translated as “explanations”). Wikipedia illustrates these with a wooden dining table:

• Its material cause is wood.
• Its efficient cause is carpentry.
• Its final cause is dining.
• Its formal cause (what gives it form) is design.

Of those, formal cause is what matters most. That’s because, without knowledge of what a table is, it wouldn’t get made.

But the worldwide supply chain (which is less a single chain than braided rivers spreading outward from many sources through countless deltas) is impossible to reduce to any one formal cause. Mining, manufacturing, harvesting, shipping on sea and land, distribution, wholesale and retail sales are all involved, and specialized in their own ways, dependencies withstanding.

I suggest, however, that the most formal of the supply chain problem’s causes is also what’s required to sort out and solve it: digital technology and the Internet. From What does the Internet make of us?, sourcing the McLuhans:

“People don’t want to know the cause of anything”, Marshall said (and Eric quotes, in Media and Formal Cause). “They do not want to know why radio caused Hitler and Gandhi alike. They do not want to know that print caused anything whatever. As users of these media, they wish merely to get inside…”

We are all inside a digital environment that is making each of us while also making our systems. This can’t be reversed. But it can be understood, at least to some degree. And that understanding can be applied.

How? Well, Marshall McLuhan—who died in 1980—saw in the rise of computing the retrieval of what he called “perfect memory—total and exact.” (Laws of Media, 1988.) So, wouldn’t it be nice if we could apply that power to the totality of the world’s supply chains, subsuming and transcending the scope and interests of any part, whether those parts be truckers, laws, standards, and the rest—and do it in real time? Global aviation has some of this, but it’s also a much simpler system than the braided rivers between global supply and global demand.

Is there something like that? I don’t yet know. Closest I’ve found is the UN’s IMO (International Maritime Organizaiton), and that only covers “the safety and security of shipping and the prevention of marine and atmospheric pollution by ships.” Not very encompassing, that. If any of ya’ll know more, fill us in.

[*Added 18 October] Just attended a talk by Oswald Kuyler, Managing Director of the International Chamber of Commerce‘s Digital Standards initiative, on an “Integrated Approach” by his and allied organizations that addresses “digital islands,” “no single view of available standards” both open and closed, “limited investments into training, change management and adoption,” “lack of enabling rules and regulations,” “outdated regulation,” “privacy law barriers,” “trade standard adoption gaps,” “costly technical integration,” “fragmentation” that “prevents paperless trade,” and other factors. Yet he also says the whole thing is “bent but not broken,” and that (says one slide) “trade and supply chain prove more resilient than imagined.”

Another relevant .org is the International Chamber of Shipping.

By the way, Heather Cox Richardson (whose newsletter I highly recommend) yesterday summarized what the Biden administration is trying to do about all this:

Biden also announced today a deal among a number of different players to try to relieve the supply chain slowdowns that have built up as people turned to online shopping during the pandemic. Those slowdowns threaten the delivery of packages for the holidays, and Biden has pulled together government officials, labor unions, and company ownership to solve the backup.

The Port of Los Angeles, which handles 40% of the container traffic coming into the U.S., has had container ships stuck offshore for weeks. In June, Biden put together a Supply Chain Disruption Task Force, which has hammered out a deal. The port is going to begin operating around the clock, seven days a week. The International Longshore and Warehouse Union has agreed to fill extra shifts. And major retailers, including Walmart, FedEx, UPS, Samsung, Home Depot, and Target, have agreed to move quickly to clear their goods out of the dock areas, speeding up operations to do it and committing to putting teams to work extra hours.

“The supply chain is essentially in the hands of the private sector,” a White House official told Donna Littlejohn of the Los Angeles Daily News, “so we need the private sector…to help solve these problems.” But Biden has brokered a deal among the different stakeholders to end what was becoming a crisis.

Hopefully helpful, but not sufficient.

Bonus link: a view of worldwide marine shipping. (Zoom in and out, and slide in any direction for a great way to spend some useful time.)

The photo is of Newark’s container port, viewed from an arriving flight at EWR, in 2009.

Writing is hard. And writing field notes is hard, too. I don’t think that there is enough guidance on how to do it. I’ve written about the use of ethnographic fieldnotes in scholarly written output, but I don’t think I had ever written about how to write fieldnotes and how to teach or learn on your own how to write better field notes.

Given my extensive experience as an ethnographer and fieldworker, I felt that it was important that I wrote a Twitter thread (which I am now converting into a blog post) on how to write field notes, along with references and citations that might be useful for people to read.

While there is literature on fieldwork (and field notes/fieldnotes, whichever spelling you prefer), and on ethnographic fieldwork, I feel like there’s never an “orientation” on how to write good field notes. Here’s a partial bibliography I compiled. https://t.co/Omp2JE2T3V

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

Weirdly enough, I sometimes forget what I’ve published, particularly on qualitative methods. Well, here is an editorial I wrote on how you can use fieldnotes to prompt you to write, particularly when you’re feeling blocked. Pay attention to what I cite. https://t.co/oDBHjlw6gt

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

Over the past three weeks, in my Qualitative Data Analysis and Interpretation class, we have covered Coding, Theming and Writing Field Notes and Analytic Memorandums. These are classic components of qualitative text analylsis, and I discussed them in great depth. I believe that’s part and parcel of QDA.

But I want to emphasize what Maxwell 2013, p. 91 says: “there is no cookbook for qualitative methods”. I keep telling my students that qualitative analysis is extremely iterative. We try something, we code one way, see if it “sticks”, code another way, reframe, rethink. pic.twitter.com/Iv0j2eH8as

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

In my Qualitative Data Analysis and Interpretation class, I went over what I believe is the core of a field note: I use a notebook, and on one side, I write my observations of whatever I am studying, alongside with the date and time. I make detailed notes (also noting on the left hand side of the page). Usually, the left hand side of the field notebook pages serves me to note my own emotions, the context, etc. This is not an uncommon approach (left hand side “emotions/context”, right hand side “phenomenon we are observing”) but others may use a different approach to mine.

As most of the respondents to my question of whether they would allow someone else to see and re-code their field notes noted, field notes are extremely personal, and may contain personal data that can be sensitive (all responses were AMAZING).
https://t.co/KI3fuPcihL

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

But in my view, that’s also part of why it’s so hard to teach how to write good field notes: many/most of us may not be willing to show anybody else our field notes (for privacy/sensitivity issues, but also because they are primarily for us). And yes, despite good books on field notes.

… I have come to regain love for other three books:

Sanjek https://t.co/KdT7W1PPuH

Vivanco: https://t.co/WrGlNIw4jW

Emerson, Fretz and Shaw: https://t.co/4LCAaxQ3Zv

To note: ALL three books are excellent on the topic of ethnographic field notes. None disappoints.

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

Now, here’s the thing: you can teach how to write field notes, and how to write GOOD field notes, but then there’s the question of how do you write good ETHNOGRAPHIES? As I have taught my Qualitative Data Analysis and Interpretation students, my own personal bias is that a field note and an analytic memo are DIFFERENT.

Several authors agree with me (fieldnote is a record of my observations, analytic memo is a reflection of what I recorded in the fieldnote), including Saldaña 2013, p. 42, from where drew this quotation.

Here’s my personal view (RPV): we need to teach GOOD fieldnote writing. pic.twitter.com/bHXrf3I55j

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

But to teach how to write good fieldnotes we also need to educate our students on how to write excellent ethnographic prose. For that particular purpose I have two suggestions:

1) Read A LOT OF ETHNOGRAPHIES, particularly book-length.

2) Read books on how to write ethnography.

For (2), I have two books I want to recommend: Kristen Ghodsee’s “From Notes to Narrative” https://t.co/l5SJDByHV1

Ghodsee does something rarely done (from what I’ve read): she walks you from your fieldwork notebook scribbles to producing great ethnographies. Excellent book.

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

And the second book is by Kirin Narayan, “Alive in the Writing” https://t.co/qCUayWzz7y

Narayan is spectacular in how she crafts narratives, but she also offers EXERCISES. “Here, this is how you do THIS in your writing”. Her writing is very didactic and easy to absorb.

— Dr Raul Pacheco-Vega (@raulpacheco) October 12, 2021

Teaching Qualitative Data Analysis and Interpretation has already changed me and the term is not over yet. I have been able to spend a lot of time pondering and thinking about the craft of teaching how to do good qualitative research, and it has benefited me enormously.

So, my take home suggestions. If you want to learn how to write good field notes:

1) Read books on field note writing
2) Read books on writing ethnographies
3) Read well written ethnographies
4) Practice writing field notes
5) Practice writing analytic memorandums.

and…

6) Practice writing scholarly outputs.

Hopefully this blog post will be useful to readers interested in qualitative methods.