ongoing by Tim Bray

ongoing fragmented essay by Tim Bray

FaviconDark Vegas 1 Dec 2017, 3:00 pm

I spent four nights in Las Vegas while at re:Invent. The city’s daytime aspect is kind of flat and low-contrast because who cares what it looks like then? Photographers there come out like vampires after dark. I took along the ludicrous “Achromat” lens for the sparklies, so got ’em if ya want ’em. Also hotel, music, and venue recommendations you won’t want to miss.

Let’s start with the sparklies.

Vegas streetlights, sparklified South Las Vegas Boulevard, sparklified Vegas, The Flamingo, sparklified

That lens sure is fun. Not to mention the effect when you tell your table-mates you brought along your Las Vegas Lens and pull a whole lot of tubular gleaming brass out of your bag.

The Bellagio & its fountain

Veterans of the strip may wonder how this picture came to be. Reflections in a window were involved.

Bellagio and its neighbors

The first time I’ve stayed there, and I think I’ll go back. The rooms are nowhere near as glam as in recent-Strip joints like the Wynn or Aria, but things pretty well just work, the casino is less sprawly, and it’s kind of in the middle of things, and then there’s that view if you pay up for a Fountains room.

Bellagio fountain

That picture is an outtake from a two-minute video shot from my 20th-floor room, with faint tinny sound. Taken with the Pixel 2 and really not bad; note how the vibration control squashes the effect of my chronically shaky hands. Warning: It’s 124 MB! The full-size 4K version, which looks glorious on my 15" retina screen, is 710 MB; yow.

That picture doesn’t really capture the scale of the thing; here we are down on the street watching the watchers.

People watching the Bellagio fountain

Sitting at the desk in my room working on my speech, I was amused by the fountain-maintenance process. They could do better, because every time I’ve watched the fountain, there’ve been annoying imperfections: jets that don’t jet, lights that stay dark.

Fixing the Bellagio fountain

I’d like to see someone get ambitious with the fountain music, maybe something by Phil Glass or *gasp* a rock & roll piece. That wouldn’t be very Vegas I guess.

Doubling Down with the Bastards

That would be Thee Swank Bastards, a surf-guitar band, playing at the Double Down Saloon, located not that close to the Strip. They offered a couple hours of pure pleasure.

Thee Swank Bastards at the Double Down Saloon Thee Swank Bastards at the Double Down Saloon

The woman playing bass in the first picture spent most of the night in showgirl mode; her costume, especially the gloves, was fabulous, and she threw in some tasteful striptease. She and the band were having nearly-infinite fun and the standard of surf-guitar playing was impeccable. You can loathe America’s politics and many of its cultural tropes, but no other nation comes close at the pure joyful ecstatic madness of low-rent rock&roll; a tip of my hat across the border.

The Bastards leavened their set with appalling, filthy, dumb jokes whenever they stopped playing. The only one I remember is “What’s the difference between Jesus and a picture of Jesus?” “You only need one nail for the picture.”

As for the Double Down, it’s uh, sincere. A whole lot of tattoos and beards and ripped tights. The big sign on the wall says “Shut Up And Drink”, the one on the bar with embedded poker machines says “Shut Up And Gamble”. We thought about ordering the bacon martini, but nobody did. The Bastards play the Double Down the last Wednesday of every month, and if you’re in Vegas I recommend dropping by.

People, watching

(The people are more interesting after dark, too.)

Guy in a bar in a casino

Watching his phone In a swanky casino bar.

In the Double Down Saloon audience

Watching the band at the Double Down.

Watching the numbers

Watching the numbers.

I actually still don’t like Vegas very much. My camera does though, but it only comes out at night.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconUnapocalyptic Software 27 Nov 2017, 3:00 pm

The Atlantic published The Coming Software Apocalypse by James Somers, which is full of dire warnings and strong claims. Here’s one: Since the 1980s, the way programmers work and the tools they use have changed remarkably little. My first programming job was in 1979, I still construct software, and I can testify that that assertion is deeply wrong, as is much else in the piece.

I would very much like to place an alternative view of my profession before the people who have consumed Mr Somers’, but I wouldn’t know how, so I’ll just post it here; maybe an Atlantic reader or two will stumble across it.

Oops

When I read this piece I tweeted “Reading non-coders’ words about coding is… weird.” That was wrong because there’s plentiful evidence that he’s a well-accomplished developer. So, apologies. But he’s still wrong.

Wrong, you say?

First of all, the people Somers describes, who write the matter-of-life-and-death logic at the center of the systems that dispatch 911 calls and drive cars and fly planes, are a tiny minority — it’s like a dog-care piece focused on wilderness search-and-rescue dogs. There’s nothing wrong with that kind of dog, nor with the people who program safety-critical systems, but I’ve never met one, and I’ve been doing this for almost four decades.

There’s another problem with Somers’ piece: its claim that writing code is passé, that we’ll be moving away from that into a world of models and diagrams and better specifications and direct visual feedback. This is not exactly a novel idea; the first time I encountered it was in a computing magazine sometime around 1980.

Yes, the notion that you build complex interactions between computing devices and the real world by editing lines of code feels unnatural and twisted, and in fact is slow and expensive in practice. We’ve been looking for a better way since I got into this game; but mostly, we still edit lines of code.

And as for the sensible-sounding proposal that we just write down our requirements, not in code, but in something much higher level, in such a way that a computer can understand them as written and execute them? That’s another old and mostly-failed idea.

So, Somers is wrong twice. First, in asserting that software is moving away from being built on lines of code (it isn’t), and second, that the craft of constructing software isn’t changing and getting better (it is).

So, what do you actually do, then?

Glad you asked. All sorts of things! We developers are now some millions strong worldwide — almost certainly more than ten million and I suspect less than fifty; but it’s hard to measure.

As in most professions, most of the work is strikingly pedestrian; discovering what our co-workers need their computers to do, and also what their managers want, and trying to arrange to keep these tribes happy and at peace with their computers and each other.

To a huge extent, that involves acquiring, deploying, and configuring software that was created by others. Thus, a lot of time in meetings, and then even more figuring out how to make the travel or scheduling or amortization app do what people need done.

On the other hand, some of us write software for rockets, for music synthesizers, for Pixar movies; all these things have an obvious cool factor. And others (surprisingly, among the most-admired) write “low-level” software, useful only to programmers, which underlies all the software that is useful to actual humans. There are many kinds of this stuff: for example “Operating Systems”, “Database kernels”, “Filesystems”, “Web frameworks”, and “Message brokers”.

Software is getting better

Let me be more specific: Compared to back when I was getting started, we build it faster and when we’re done, it’s more reliable.

The reasons are unsubtle: We build it faster because we have better tools, and it’s more reliable because we’re more careful, and because we test it better.

Reviewing

The big software builders (for example Amazon Web Services, where I work) have learned to follow simple practices with big payoffs. First, those lines of code: They never get put to work until they’ve been reviewed by a colleague; in the vast majority of cases, the colleague finds problems and requests changes, arguments break out, and the new code goes through several revisions before being given the green light. For major pieces of infrastructure code, required approval from two more reviewers, and ten or more revision cycles, aren’t terribly uncommon.

Unit Testing!

Software is constructed of huge numbers of (mostly) very small components; we use names like “functions”, “routines”, and “methods”. They are the units that Unit Testing tests. The unit tests are other pieces of software that feed in many different pieces of data in and check that what comes out is as expected. There are commonly more lines of code in the unit tests than the software under test.

We have loads and loads of tools specifically set up to support Unit Testing; among other things, when you look at those lines of code, there’ll be a vertical bar in the margin that’s green beside lines of code that have been exercised by the unit tests, red beside the others.

These days, we don’t always demand 100% coverage (some code is just too routine and mundane) but we expect anything nontrivial to be covered well by the tests. I think the rise of unit testing, starting sometime not too long after 2000, has yielded the single biggest boost to software quality in my lifetime.

There are other kinds of testing (“Integration”, “Smoke”, “Fuzz”) and we use them all, along with tools that read your code and find potential problems, just like Microsoft highlights your spelling mistakes.

Night and day

It doesn’t sound like much. But seriously, it’s like night and day. Does it sound a little tedious? In truth, it is. But also, our tools have been getting better year over year; programming in 2017 is really a lot more pleasant than it was 2007, 1997, or 1987.

It’s like this: You sit down to improve a piece of software, make a couple of changes, and suddenly a lot of unit tests are failing, leaving ugly red trails on your screen. (In fact, if you made changes and didn’t break unit tests, you worry that something’s wrong.) But then you dig into them one by one, and after not too long, it’s all back to green; which is really a good feeling.

I’m not going to argue that the advanced methods Somers enumerates (being model-driven, state machines, things like TLA+) are useless, or that they’re not being used; I personally have made regular use of state-machine technology. But by and large they’re side-shows. We build software better than we ever have, and it’s just a matter of reviewing and testing, and testing and testing, and then testing some more.

We’re not perfect. But we’re really a lot more grown-up than we used to be. And, relax: There’s no apocalypse on the horizon.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconDo You Love Any Dead People? 19 Nov 2017, 3:00 pm

I think most of us do, so if you’re in Vancouver around Hallowe’en, you should go visit A Night For All Souls. Even if everyone you love is still alive, you should go anyhow because it’s full of extreme ethereal dark-hued beauty.

All Souls is in Vancouver’s Mountain View Cemetary, where I’ve often taken pictures and played Ingress before; it’s central and, yes, has a terrific view of the mountains. The project is city-funded and I hope they go on funding it.

The concept is simple: After dark there are soft lights everywhere, many of them in little shrines you can visit and write a message or light a candle.

Night For All Souls

There is music of some sort; this year, the performers were scattered round the graveyard, synchronized somehow electronically, and the music was dreamy, full of sweet slow shifting shapes

Musician at the Night For All Souls Musician at the Night For All Souls

Some shrines are themed: I recall those dedicated to overdose, and to suicide.

Suicide-themed shrine at the Night For All Souls

There is a certain amount of spirituality but little overt religion.

Shrine at the Night For All Souls

I’m not spiritual in the slightest, but it’s not possible to be unmoved.

The Night For All Souls The Night For All Souls

It’s just lights in the dark for a while at the end of the day, but at the end of the day that’s all we can really hope to be.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconDueling Camera Apps 18 Nov 2017, 3:00 pm

I got a Pixel 2, largely because it’s said to have a really great camera, with software-driven magic — machine learning at work. Here are two shot comparisons between the Google and Lightroom Android camera apps to see what that means in practice.

Why Lightroom?

Given a choice, I prefer the Lightroom app to Android’s. It has better, more intuitive ergonomics, including a level; makes the phone feel more like a camera. Also, you can edit in the Android version of Lightroom, which has basically the same controls as the desktop version I live in. Also, it shoots and edits DNG “RAW” files. Finally, anything you don’t erase is synced through the Adobe cloud and is auto-magically there in my Mac Lightroom’s “All synced photos” collection. (Yes, even in the Lightroom CC Classic version.) Not only that, but when I edit it on the Mac, the edits are synced back to the phone, so I can show people the improved versions while we’re having lunch. A pretty sweet package, all things considered.

There is a fly in the ointment. The Lightroom app’s pix’s names may end with “.dng” but if you’re used to the massive depth of the files like the ones I get from my Fujifilm XT-1, where you can pull lost beauty out of darkness or dazzle, you’ll be disappointed. Sure, you can pull the “Highlights” slider down or the “Shadows” slider up, and it sort of works, but not like with real camera files.

When it doesn’t matter

These days all cameras are great, given enough light and an appropriate subject. I’ve pretty well totally stopped using the 10-24mm wide-angle with the big camera because my phone is basically Good Enough.

So if we’re going to compare these apps meaningfully, we need to work with hard-to-take pictures that stress out the sensor; the most obvious examples are low light and high contrast.

Well, in November in the Pacific Northwest there really isn’t that much high contrast, but we got plenty of low light. I tried for a different kind of high contrast anyhow like so.

Vancouver night street scene Vancouver night street scene

I’m going to call this one pretty well a wash. The Android-camera version achieved slightly sharper focus, but that’s not really the point in an impressionistic piece like this. What’s significant is that I had to put in a couple minutes photo-editing on the Lightroom DNG to get it to look as good; the sky had a bit of grey luminance noise and the whole scene leaned yellow. Having said that, I like photo-editing.

Oh, I didn’t say, did I? It’s Lightroom above, Android below.

So what the Android camera is doing here is taking whatever comes off the sensor, putting it through a little photo-editing session right there on the camera, giving me a JPEG, and saying, in effect, “don’t bother your pretty little head about how I got this.”

Finally, I’m usually really happy with Lightroom’s photo-export software, but in this case both pix lost some life, in particular in the trolley-wire sparkles and taillight reds. I’m going to have to try some new tricks.

Also worth noting: These are not terribly difficult or challenging for the sensor: The objects in the picture are pretty well self-illuminating.

When it matters

Here’s a hard one, our new calico cat, asleep on the sofa after a hard night of watching Star Trek Discovery with Mom & Dad. This is a softly-lit book-lined room with black furniture and a dark floor. And, in this case, Android pretty well wiped the floor with Lightroom.

Cat, by Lightroom Cat, by Android Camera

Once again, Lightroom above/Android below. That Lightroom version has been heavily edited, and it’s still not close. The Android version has truer colors, better focus, and less noise. I’m seriously impressed with whatever is going on inside that app.

You know, when you look at the two of these side by side in Lightroom on my 15" Retina Mac screen, it’s like night and day. But as I look at the 720-wide presentation here in the blog draft, I wonder if the differences really matter.

More on the Android app

It’s nice, but trying too hard. No, I don’t want a little slab of video prepended to my photos so they shimmer into place (and can’t be edited). No, I don’t want color-balance modes, since the ML seems to get that right.

Also, since everything is apparently auto-magically cloudified, there ought to be an easy/automatic way to get the full-rez versions of the pix out of the cloud and into Lightroom, but I haven’t found it yet. For the moment, I share from the phone to Dropbox, and Lightroom is happy pulling from there.

Also it’s dumb that I have to switch apps to edit the photo I just took, and then the editing controls are all presets and oversimplification. Having said that, the app has a Chromecast button, which is super nice.

What next?

For shots that don’t challenge the camera, I’ll go on using Lightroom; it’s a better shooting experience and better integrated with my workflow. When it gets tricky, I’ll bring that Android ML to bear.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconVintage Nauticals 4 Nov 2017, 3:00 pm

We keep our boat at Horseshoe Bay, a pretty little place when approached by land. Boaters inbound by ocean come face-to-face with a huge antique float/pier/breakwater kind of thing, whose ugliness I’ve long found magnificent and which today I took the time to tour and photograph.

Vintage Nautical

Turns out this huge steel thing is afloat, actually; here’s how it’s fastened to the land. Those are big chains and huge truck tires.

What happened was, I was out winterizing the boat. Vancouver missed autumn this year, snapped over from 18°C Indian-summer to basically zero more or less overnight. Today a few snowflakes drifted down and I was wearing a nontraditional Canadian boating toque. You can see snowflakes in all but one of today’s photos, if you look closely.

I’d neglected my camera and was thus shooting with the Pixel, really not much of a handicap for daylight photos when they’re close-ups and big landscapes. Here are one of each.

Vintage Nautical

Wow, this thing is, well, “going back to nature” doesn’t feel like the right phrase. But there’s definitely an entropy gradient.

Boat approaching Horseshoe Bay

I’ve been using the Lightroom camera app, which is a little on the slow side but has nice controls and pulls the raw bits off the sensor, and I like the app’s editing primitives. But in recent weeks it’s become unusably crashy — I’ve already cleared its data once to no effect — so my fallback is the well-regarded native Android Camera app. It’s quick and the pix look good, I have to say. And while Lightroom claims to be shooting RAW and indeed emits DNG’s, they don’t contain anything like the amount of hidden potential a good RAW file from a real camera exhibits. So the native Android JPEGs are not making me unhappy.

I have to shuffle them through DropBox to get them on the Mac so I can prettify them with Lightroom; I miss Adobe’s nice smooth mobile/PC sync. Anyhow, I thought Lightroom did a nice job on this monochrome.

Vintage Nautical

This float is quite a structure. It’s not solid, it’s sort of a frame so you can look down at the ocean in the middle. Well, you could, except for that piece of water is stacked up with old styrofoam, the kind that’s used to make floating docks float.

Vintage Nautical

This picture isn’t beautiful or anything, but
there’s a lot happening, top to bottom, left to right.

As for the boat, I installed its low-level winter heating apparatus, ran the engine for a bit, set up support poles to protect the canvas cover from heavy snow, and adjusted the lines against winter storms; then went for a burger and beer at the waterfront alehouse.

That’s a satisfying early-winter half-day.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconWorking at Amazon 26 Oct 2017, 3:00 pm

Sometimes when we’re trying to hire a senior employee, I get asked to do a “sell call”, tell them what it’s like to work here. Since I’m coming up on three years and haven’t quit, I guess the supposition is that I’ll be positive. Since these candidates are outsiders and some of them don’t come to work for us, nothing I can say can be a secret. So why don’t I tell everyone?

Before I dive in any further, everything here relates to AWS, not Amazon as a whole. It might be true of the retail side too, but I don’t know because I don’t work there.

So, what is it like to work here?

Customers

That’s the big deal. AWS has over a million and you get to meet them all the time, and while there are lots of geek introverts who might not like that, I do. Anyhow, lots of the customers are geek introverts too.

When you ship low-level horizontal general-purpose technology, there’s no way to predict what people are going to do with it. Which in practice means that you’re going to be shocked by the way it gets used. For an old guy like me it’s hilarious to hear the kid engineers looking at a bug report or feature request and saying “WTF, why would anybody want to do that?”

Me, I like computers, and I like hearing about interesting things people do with them, and it makes me happy when the things they do work out well, especially when I helped build what they’re using. I could tell you stories that’d curl your hair (or straighten your wavy locks) but they’re not mine to tell.

Anyhow, if you like talking to customers you’ll like working here, and if not, probably not.

Uptime

It matters more than anything. Some of our services are cooler than others, but what I think customers care about most is confidence that the services, cool or boring, will be there 24/7/365. What that means is that everything has to be automated, and much of the most brilliant engineering at AWS, done by some of the smartest people, does its work behind the scenes where nobody will ever see it.

So if you’re the kind of person who, for example, thinks figuring out a better way to automate detecting hot-spots in back-end clusters and re-routing traffic to cool things down is interesting work, then you’ll like working here. If not, maybe not.

Only maybe not, because we have lots of people who wrangle JavaScript frameworks and mobile SDKs and build tools and database kernels all day. But operational automation, that’s the heart of the matter.

Being document-driven

Go ahead and Google “Amazon six-pager” if you haven’t already.

If you’re the kind of person who’s OK with spending a lot of time constructing carefully-written narratives, and being in meetings that start with 20+ quiet minutes while everyone reads the narrative, you’ll like working here, and if not, definitely not. Disclosure: I’ve written over a million words on this blog so I’m seriously predisposed to like this part.

There is one downside: Suppose you’re an author of the document being read. It can be simultaneously crushingly boring and twitchingly nervous while AWS’s senior leadership plows their way through your words in stony silence.

The actual software

I don’t think anyone would be surprised. The services are usually conventional RESTful services, usually composed of multiple microservices, usually in mainstream programming languages using mainstream programming frameworks, We use conventional compilers and debuggers and IDEs and frameworks for HTTP and unit testing and integration testing and dependency injection and so on.

Yes, there’s some secret sauce voodoo down in the infrastructure that’s pretty magical. But most of us don’t work on that most of the time.

What’s unusual is the proportion of the code focused on availability and data durability. But you already knew that. We also care a lot about doing better than O(N), because N is typically so freaking huge at Amazon. I personally seem to end up working mostly on message processing of one kind or another which is sort of stuck on O(N) in the number of messages, so we’re often left with micro-optimizations.

You know what makes me happy? One little library I wrote is currently being used by several different teams to efficiently do a useful thing on a million-ish messages per second in aggregate. There aren’t that many places where your code gets that kind of opportunity.

Organization and culture

The teams at AWS have a huge amount of independence. If you’re on a team that’s trying to ship something or operate something or improve something, that’s generally great; nobody will get in your way. On the other hand, if you’re trying to build something that works across multiple service teams, it can give you grey hairs. But I already had those; and it’s mostly a feature not a bug.

Corporate “culture” is a thing I find it hard to be articulate about. I find the asshole density nonzero but lower than average. We are trying to do very difficult things and we fail a lot; Mature technology companies try make those teachable moments, and we do a pretty good job of that. There is [*gasp*] politics. I’m going to argue that the proportion of really bad managers is unusually low; but that’s just an anecdote, wouldn’t know how to measure it.

My time rarely feels wasted.

Money?

If you work in a tech job at any large high-tech company, you’ll be well-paid by any reasonable standard. Want more than just “well-paid”? The brutal truth is that the way high-tech compensation is structured, you’re making a bet on your employer’s share price. If it goes up really a lot while you’re working there, you’re gonna make out like a bandit, and if not, not. All these things are as true at Amazon as anywhere else. Welcome to twenty-first century capitalism.

What sucks?

After I’ve talked through all this stuff, the person who might come to work for us wants to hear about the downside. Fair enough.

I guess the biggest one is that we’re not perfect at operational automation, so everything we fail to automate, every combination of compute and network and storage failure we weren’t smart enough to auto-remediate in advance, has to be dealt with manually. Which means people have to be on-call and yeah, sometime the phone goes off after midnight.

The good news is, we’re getting better, learning how to build automation in at the core. Which means that the fresh new AWS services are better at self-maintaining and self-healing, so on-call sucks less. On the other hand, the older services tend to have bigger teams and thus less on-call time per person, so it evens out.

But there are some people who sufficiently dislike the prospect of that occasional wee-hours page that they just don’t want to stick around with us. Fair enough.

I dislike our office-automation setup, but then I’m the kind of person who really likes Google Docs and Calendar and Gmail, so maybe I’m an outlier.

One more thing: Most jobs at AWS, you’ll never be able to explain to civilians what it is you do for a living. I generally say “I help keep the Internet running” and you know what? That’s not a total lie.

On balance

I could go on about diversity and work environments and benefits and process and promotion and so on, but at the end of the day it’s just another high-tech company, nothing surprising.

I don’t really need the money, but I haven’t quit.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconLive Metal is Better 13 Oct 2017, 3:00 pm

Recently I went out for a live metal triple-bill, with Endon and SUMAC opening for Boris, whom I’ve covered here before (with groovy pix). More pix today, with words on the history and meaning of metal, and how to photograph it.

Endon, the openers, are described as catastrophic noise metal and yeah, they were pretty catastrophic. A little too abstract for me, but sincere and really trying to bring it. Didn’t get any pix.

Here’s my problem: I wholeheartedly love this music, in particular live, and yet I have to acknowledge that it’s sort of, well, ridiculous. The volume is much louder than can be sanely necessary. The choreography is all moves invented around 1970 by Robert Plant or Jon Anderson or someone like that. The musical content is built monomaniacally around a single sound, that of an overdriven guitar amp.

SUMAC (on Bandcamp) are very traditional metallistas; the poses, the riffs, the look, the barked vocals.

SUMAC guitarist

Metal is harder to photograph than many other genres, because they like to keep the stage dark, and bathed in subdued reds and blues that stress out the poor sensor. Sometimes you get an incredibly dramatic color treatment, but often the best bet is just to switch to high-contrast B&W.

Wikipedia says the guitarist is Aaron Turner and the bassist Brian Cook, but their picture doesn’t look like this guy.

SUMAC bass player

Analytics

Metal’s not just one thing, there are many linked strands in its fabric. Check out Heavy metal genres over at Wikipedia (part of WikiProject Metal). For more fun, consider the heavy-metal documentaries by Canadian sociologist Sam Dunn. I haven’t seen them all, but I can heartily recommend Metal — A Headbanger’s Journey, his first, which dives deep, deep, deep, on the subject and is also full of heavy guitar riffs. Best played loud.

Dunn points out that while you can argue all you want about the birth of metal, Black Sabbath usually gets the most votes. I’d go further: It helps that I’m old and was thus there at the time. It was in 1970; I was fifteen and we were visiting my cousin who was a couple years older and infinitely cooler. “Come listen to this record” he said, and put on Sabbath’s eponymous Black Sabbath. Go listen (not to the flavorless sample on the Wikipedia page, the real thing’s all over the Internet). It’s all there, and I mean all there in the first 1:08. Portentous thunderstorm noise, church bell, then four repetitions of a beautifully-heavy three-note riff. No vocals, no nothing, just that awesome guitar tone. I hadn’t imagined that such a sound could exist in this world and my life was never the same after.

There’s more to the song, some pretty good singing from Ozzy and of course the explicitly Satanic lyrics. But Heavy Metal is basically about taking those sixty-eight seconds and building a hundred subgenres and a rabid following around them. I don’t think the occult angle was initially necessary; but it was a clever move by Ozzy and Geezer, and got dragged along with that guitar sound in later years.

Enough history and sociology.

Boris

Like I said, the good pictures of Boris are here. On this outing, the lights were darker and the fake-fog flow almost continuous. This time around, they obviously and by design wanted to play behind a curtain of bright red/blue/violet smoke; which as an artistic choice, is nicely harmonious with their music, which itself is nicely harmonious albeit crushingly loud.

For this outing, I rented the Fujinon 23mm f/1.4 from Beau Photo, and the wide-open/wide-angle combination was helpful. But it was still tough; here’s what I got.

Boris in 2017 Boris in 2017 Boris in 2017 Boris in 2017

Pro tip: When the last opener quits playing, you can almost always snag a great photographers’ spot up near the front of the stage. And then, after the first few songs, it’s polite to turn it over to a fellow fan. On this occasion I was dead center and had the rare experience of live metal in stereo, with Wata’s amps to my left and Atsuo’s to my right. Cool!

Yes, Wata picked up an accordion for a couple tunes. The general sound is remarkably like her guitar, but doesn’t allow for her rare-but-wonderful excursions up the neck into screaming-treble territory.

Altar

Damn, I love their music. Wata’s guitar tone is up there with the greats, and the beauty of their crushing melodious drone is not equalled by anyone except maybe Sunn O))); and it’s worth mentioning that the Boris/Sunn O))) collaboration Altar is a very beautiful piece of music.

Other Boris outings that I strongly recommend are Pink (from 2005) and the much more recent Attention Please.

Why it’s OK to love Metal

I mean, I’m old and completely out of fucks to give about what others think of my tastes. But still…

First of all, Metal is serious music. Given the size of the crowds at this point in the 21st century (small), it’s no road to riches. And the players are completely oblivious to issues of packaging and pandering. And if you actually listen closely past the surface of the roar, the music is constructed with care, and then obviously the result of endless practice and dedication to the craft. It may lack a backbeat and a catchy chorus, but there’s beauty aplenty in there.

I’ve quoted Sasha Frere-Jones, erstwhile New Yorker rock critic, before on this subject, but he said two things that are worth repeating. First, “Get past the novelty, though, and you find a level of passion and an attention to detail that make a number of mere rock bands look lazy.” And “You may eventually find a TV that is sufficiently large that it makes going to a movie theatre pointless, but you are never going to replicate anything like a black-metal show at home, no matter how fancy your stereo is.”.

Metal people

There are very few gatherings in the world at which I feel totally at home. Examples are O’Reilly’s OSCON and an Amazon principal-engineers’ gathering. But a metal concert is another. Here’s the cute end of metal style.

Metal fans

Aren’t they adorable?

When I was young, I aspired to hair like that, but mine was always too thin and stringy, and now I don’t have much. But the crowd included grizzled hardasses with facial tattoos, a couple of subgroups of Japanese extreme-music culture that I don’t begin to understand, and then a lot of ordinary people off the street who just share the love of this extreme, crazy, deadly-serious art form.

It’s OK to crowd up to the front and stand there like a post. It’s OK to head-bang when the beat picks up. It’s OK to sit motionless in the back row, eyes closed. It’s a perfectly fine thing, in 2017, to be a greybearded metal-head.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconMacro Trends 7 Oct 2017, 3:00 pm

In The bubble without any fizz, The Economist addresses the fact that financial-asset prices (stocks, bonds, and the like) keep drifting up and up in a world where inflation doesn’t; are we in a mega-bubble? What’s really going on? Looks obvious to me, but then I’m a left-winger. I think it’s all a straightforward consequence of economic efficiency and class warfare.

Inflation?

It stays low because our globalized economy is hyperefficient at making the things we want, extracting the fuels we burn, and growing the food we eat. And also flexible enough that it can scale up and down to meet demand without apparently kicking off waves of inflation or bankruptcy.

All of which is true, but I think the effect of class war is even bigger. Let’s start with a picture.

Labor is losing out

From Drivers of Declining Labor Share of Income, published by those commies at the International Monetary Fund.

Unions are in retreat and conservatives rule in the great economies of the developed world. Generation Z is being forced into the gig economy, into low-agency, low-paying, no-commitment jobs where being a shift lead at Starbucks is an aspirational goal.

When you don’t have to pay people much, well yeah, you get low inflation.

Financial Boom?

When it’s the prices of household goods, they call it “inflation”. When it’s financial assets, they call it “a bull market”. But the cause is the same: Too much money chasing too few targets.

It’s like this: There’s a surplus of accumulated wealth (see Piketty), and the people who hold it can’t possibly spend it on goods and services — how many yachts can you waterski behind? So they throw it at financial products, which then inflate.

I think this is bleedingly obvious, but that’s possibly because I’m a citizen of the technology scene, and of Vancouver. In the venture-capital business, there’s just way too much money chasing way too few unicorns. Go to a startup showcase sometime and hear the pitches, see who’s getting funded. If you’re like most people, you’ll leave shaking your head.

I also sit in Vancouver, which is experiencing severe inflation, in our housing sector. Since Vancouver is a relatively low-paying city, not just on a world scale but compared to its Canadian peers, it’s obvious that global capital is part of the problem. Our real-estate frenzy has become an international news story (it appears in the Economist piece linked above), but I un-humbly think my own 2015 Game of Homes captures the essentials pretty well.

So, what do Vancouver real estate and financial instruments have in common? Limited supply, that’s what. Check out A Dearth of I.P.O.s, but It’s Not the Fault of Red Tape ; not only has the IPO rate plunged (from 706 in 1996 to 105 in 2016), so has the number of public companies (from 7,322 to 3,671). Declining supply, increasing demand, d’oh.

Other financial assets, e.g. bonds, may not be as supply-starved (I couldn’t turn up good numbers) but it stands to reason that when companies all over the world are reporting robust profits (class war, remember?) they probably don’t need to borrow as much. And (as The Economist notes) when investors are driven to buying 100-year bonds from Argentina, a nation that has defaulted on its bonds six times in the last 100 years, you know they’re getting desperate.

More evidence, were any needed, of the global capital surplus? How about the $21 trillion being hidden from the tax-man here and there around the world?

What next?

Beats me. The sad thing is, I don’t see any reason why things can’t go on the way they are for the foreseeable future. Objectively, it would probably be good for the world if a lot of the accumulated wealth was just vaporized. Unfortunately, the only way that seems to happen historically is in major wars, as Piketty’s graphs illustrate. Which nobody wants.

Then there’s the leftist world-view, for example On the Left from last year. Tl;dr: Tax wealth, force radical transparency on asset ownership, jail business criminals, offer universal basic income. Works for me; but I’m still looking for the right political party.

There’s just too much money out there not doing anything particularly useful.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconRefresh Is Sacred 27 Sep 2017, 3:00 pm

There are two kinds of client applications: The first kind has a “refresh” or “reload” button to make sure your app’s in sync with its server’s view of the world. The second kind is broken.

Refresh

Of late, I have to deal regularly with several apps, notably including an emailer and a car-sharing service, that lack such a button. I can imagine why — a customer-focused product manager said “Steve Jobs taught us that fewer controls are better and we should just take care of making sure we’re in sync with the cloud. So lose the button.”

Except for, it doesn’t work. Apparently nobody in the world is smart enough to arrange for flawlessly reliable hands-off client/cloud synchronization. There are times when you just know that what you’re seeing on the screen is wrong and if the stupid app would just take your word for it that its world-view is stale and ask for a brain transplant from its server, things would be OK.

The car-share app is particularly aggravating, showing me a map dotted with nearby vehicles when I know for sure that this time of day I’ll be lucky if there’s even one within walkable distance. Since it totally refuses to sync, I have to switch to the Android “recents” screen and kill it. When I re-open the app, it’s OK.

Why might this happen? Well, maybe switching from WiFi to cell data (or vice versa) left some layer confused about network truth. Possibly, because your app was written in a programming language with multiple threads and shared mutable state (silly, silly programmer), the cache is malfunctioning. Maybe that same thing happened on the server. Or in the CDN. Or maybe there’s an obscure hiccup in a distant node_modules dependency that you’re tickling.

Dear product managers: Show some humility. When a customer really thinks your app is wrong and they know how to fix it, don’t get in their way.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconYou Might Be Evil 20 Sep 2017, 3:00 pm

Or at least, your employer might be. Over the years we in the tech sector have gotten used to being well-regarded. After all, we make people’s lives better, on balance. That’s changing. At the moment it’s rumblings from thought leaders, not pervasive popular anger. The other thing that’s new is that they’re thought leaders who are progressives and liberals; just like most of us in the tech professions. It notably involves the M-word and those of us on the inside need to be thinking about it.

The general public, by and large, love reading the news of their friends and the world on Facebook, buying stuff cheap on Amazon, using Google maps and mail for free, and using recent Windows releases at work.

But these days, it seems like every other day I read a chilling anti-tech rant, usually written by someone smart, articulate, and (like me) leftist. Here are a few recent offerings:

  • A Serf on Google’s Farm: About how the advertising end of the business fails to combine customer support and scalability, and what it feels like to be a minor customer: “It’s a bit like being assimilated by the Borg. You get cool new powers. But having been assimilated, if your implants were ever removed, you’d certainly die.” “Google is so big and so powerful that even when it’s trying to do something good, it can be dangerous and frightening.”

  • You can’t quit Facebook, a Twitter rant by Matt Stoller: “Your data and identity is trapped inside a machine that spends huge $$$ to addict and manipulate you, your friends, and your culture.” “We cannot as individual consumers resist the tens of billions spent to manipulate us. But we as citizens can do so through politics.”

  • Margrethe Vestager’s growing American fan club, on the savvy Eurocrat who’s been tormenting Google, Apple, and Facebook: “There is growing concern … about bigness and size, and power because power corrupts absolutely.”

  • There’s Blood In The Water In Silicon Valley: “This sort of political change happens slowly until it happens fast. Uber provided a new model for a transformative tech giant to crash through with a dark, negative brand.”

  • Facebook’s Heading Toward a Bruising Run-In With the Russia Probe, interesting not so much for the Russian angle but for the visceral contempt for Facebook: “Facebook’s ‘internal policies’ amount to a kind of Stepford Wives version of civic liberalism and speech and privacy rights, the outward form of the things preserved while the innards have been gutted and replaced by something entirely different, an aggressive and totalizing business model which in many ways turns these norms and values on their heads.”

Disclosures

I’m not going to claim my curation is unbiased. I left out Microsoft because, weirdly, nobody seems to hate Microsoft that much any more. I certainly don’t. I left out Twitter because it’s not actually a company, it’s a dysfunctional non-profit that accidentally provides a valuable service. I left out Amazon (although it appears in a few of those pieces) because I’d have no chance of coming anywhere near balance.

The M-Word

It’s “Monopoly” of course. If you follow the links above and read, the authors come at the tech giants from every which direction, but always ending up banging out the monopoly melody. Sometimes they say “corporate concentration” or another euphemism, because being anti-monopoly sounds kind of old-fashioned; and anyhow, shouldn’t you be talking about Comcast or United?

Not any more. A lot of smart people think it’s good economics, good policy, and good politics to aim the anti-trust gun at the tech sector. I’m not saying they’re wrong. I’m also not predicting that they’ll get any traction, particularly in the America where the short-term focus has to be on combating Nazis and pussy-grabbers.

But this is a trend that nobody in technology leadership should ignore.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconPhotos of the Sky 17 Sep 2017, 3:00 pm

I mean No Man’s Sky the game, which I’ve been playing again lately. It’s been accused of being mostly a platform for generating cheesy sci-fi book covers, but that’s not true, and also I love cheesy sci-fi book covers, so this is mostly to show you some. With a few words on the game.

Starship flying in No Man’s Sky

Oh, just flying my starship over the landscape of
a planet I recently discovered and named. As one does.

Updates

No Man’s Sky launched just over a year ago, preceded by a massive hype wave and followed by howls of disappointment when it fell short of expectations. There’ve been three major updates, each with massive additions. and it’s becoming increasingly like a “normal” game, with missions and NPC’s and economies and so on.

Its biggest charm probably remains that it’s an easy game, occasional flashes of excitement, but mostly just cruising along from star to star, enjoying the views.

Nice view in No Man’s Sky Desert-scape, No Man’s Sky Nice view in No Man’s Sky

The game is starting to add inklings of multi-player, and multiple players are self-organizing, most notably to create The Galactic Hub, which I hope to reach some day.

Aliens!

In NMS they’re, more than anything, fun. The planets have their own procedurally-generated menageries, but there are three main species you can actually have relationships with, and learn the languages of. There’s lots of back-story that you soak up as you move through the game. Here’s a Gek.

a Gek in No Man’ Sky

Aren’t they cute?

The beasts in NMS are chatty and come in all sizes, shapes, and colors. They’re more playful than scary. And like I said, it’s an easy game, any creature that attacks you is pretty well toast. But, here’s Jabba the Flowerpott.

No Man’s Sky with fat alien

My experience

In the picture just above, that’s my current starship, parked on the left. Nice ride, eh? For the cognoscenti: A decent little Samamoga 27-slot B-class fighter, modest stats but a reliable pirate-killer. Which sort of sums up my playing style. I’m busy, with a job and family; thus not a serious gamer. One of the really nice things about NMS is you can do it for an hour here and an hour there and keep progressing and never really get stuck.

Ship parked on peak, No Man’s Sky

Good parking spot!

I restarted after the 1.3 update (like a lot of others) and I’m going to keep playing till I get a freighter.

Gender

The three primary alien races you deal with do not participate in the human notion of gender. Thus, when individuals are mentioned in text (and there’s a lot of text in NMS) it’s always in a scrupulous third-person: They, them, their. It’s amazing how quickly you get used to it.

On the other hand, the beasts that populate the planets are gendered, and while male and female do appear, one also finds Asymptotic, Asymmetric, Orthogonal, Prime, Radical, Indeterminate,and Vectorised.

So the authors of NMS are having some real postmodern twenty-first century fun; which on balance is a fair description of the whole game. I’m still on board.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconCanadian Tax Wrangling 9 Sep 2017, 3:00 pm

Our media, pro and social, echo with blasts of self-righteous anger over proposed legislation which would eliminate a few popular tax dodges. Weirdly, I see no-one arguing the other side; that the tax proposals are reasonable. I think I’m qualified to make that argument, so I will. [If you’re not Canadian, you can probably stop reading here.]

The proposed tax changes

They’re summarized pretty well here. Basically, if you have a business and it’s incorporated — say you’re a doctor, lawyer, contractor, accountant, that kind of thing — you can use your corporation for tax tricks, the effect being that you pay less tax on the same income.

The tricks have been well-known for years; every competent financial advisor and wealth manager in the country tells every client about them.

Disclosures

(And I wish a few more people publishing op-eds on this subject would offer theirs.)

  1. I have a good income and pay a lot of tax.

  2. I’ve had capital gains over the years, from a successful startup and a couple of lucky investments.

  3. My wife and I have a corporation, which is useful in supporting the consulting businesses both of us have run from time to time. But we’ve hardly ever been able to use any tricks; one time by accident and acqui-hire the corporation ended up with pre-IPO Twitter shares, and we did save some tax bucks when we sold them.

  4. I was a co-founder of a company that currently has just over 14,000 employees.

  5. I didn’t vote for the government that’s making the proposals.

My feelings on tax generally? My bills are shocking, but on the other hand I’m a heavy direct user of government services: roads, bridges, public transit, bikeways, libraries, athletic facilities, public broadcasting, health care, emergency first responders. Plus, having grown up in a third-world country, I have a hearty appreciation for the rule of law and the social safety net. So yeah, I’d like a lower tax bill and I might vote for a party that had specific proposals on paying for one with cutbacks on the parts of government I don’t like.

But I generally do think that people who make about as much money as me should pay about as much tax as me.

The complaints

It amounts to a bunch of well-off people who are going to start paying the same tax rate I do explaining why they shouldn’t have to, because they work hard, create jobs, and are just all-around nice people.

Here’s an anesthesiologist who’s so upset that, he says, he and the other doctors are going to go mini-John Galt and start working less.

Here’s a guy who pays $225K in tax and says he’s “already contributing FAR more than his fair share”.

The complainers complain that they don’t get a pension. Neither do I; in fact nobody does any more, except civil servants.

They also bitch about not getting paid vacation or “any other benefits”. Oddly enough, when we’re on vacation in sunny destinations, we tend to encounter lots of doctors and lawyers and contractors and so on, so somehow they manage to get away. And now that we’re older and know a few retirees, I gotta say that the small-biz-owner contingent seems well-represented among those in their “golden years” where by “golden” I mean “rolling in dough”.

Also, do the math: Anyone who’s paying $225K in tax is a very well-off individual, with lots of room to save for retirement, and enough cash-flow to visit Maui or Cabo every winter.

But they do have a point; It wouldn’t seem completely insane to me if there were tax deductions for those whose employment situation is low on benefits. But that should be done explicitly, rather than nudge-nudge-wink-winking at small-biz corporate fiddles.

That aside, I’m sorry but I just don’t see any reason why someone who makes my kind of money shouldn’t have to pay my kind of taxes, just because they’re a small business. And in the testimonies I read, they come across as hypocrisy-drenched greedheads.

If you want lower taxes, I think there are two good courses of action: Move to a jurisdiction that has them, or do the political work to elect a party that will cut them (and correspondingly, services). Spare me, please, the “supply-side” fantasy in which tax cuts generate increased revenue. It’s been tried.

So, tax all income equally?

Maybe. In Canada, the tax on capital gains is half that on salary. The idea is to encourage people to start businesses and invest in other businesses. I’ve created businesses and invested in them too, so it’d be easy for me to say “Look, it works” and maybe I’d be right. But maybe not; I probably would have gone ahead and done those things anyhow. It’s amazing how many tax policies officially aimed at one good end or another seem mostly to result in rich people paying less.

Also I’ve started to hear progressive economists arguing against this kind of thing. And a hard-line policy of “income is income” has the advantage that people don’t pay tax consultants to fool around and try to make one kind of income look like another. So it’s not a slam-dunk.

What’s going to happen?

The politics is interesting. The people lined up against the tax proposals have loud, well-funded voices, and donate lots to political parties, so their concerns are going to get careful attention from legislators. And it’s easy to convince the public that any government tax tactic is a grubby revenue grab.

But at the end of the day the noise is coming from a bunch of fat cats trying to pay less tax than other fat cats, based on what feel like really flimsy arguments. They exude entitlement. I think the politics on this one could go either way.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconMurder at Adolf’s Cottage 3 Sep 2017, 3:00 pm

I recently read Prussian Blue by Philip Kerr. It’s good — a Fifties-Iron-Curtain spy thriller gracefully mashed up with a pre-war murder mystery set in Hitler’s Bavarian country getaway, Berghof. It’s a repeat appearance for Kerr’s Bernie Gunther, an appealingly hard-boiled veteran socialist cop who finds himself working for National Socialist management.

Prussian Blue by Philip Kerr

And yep, there are Nazis in this story; the real not tiki-torch flavor. A couple of mega-Nazis, Bormann and Heydrich, and some relatively minor odd fish like Karl Brandt and Gerdy Troost.

Nazis are convenient for a novelist, because they are reliably evil and twisted, so he can economize on characterization and leave room for plot and atmospherics. Having said that, he cuts Troost a little slack; you’d have to be a better historian than me to know whether that’s a travesty or not.

Did I mention atmospherics? You’ve come to the right place. While substantial parts of the novel aren’t at der Führer’s country digs, the ones that are bask in deep you-are-there weirdness, and (I thought) a pretty deep take on what it’d be like for the yokels in a pretty backwater when the Fascist architects come to put up palaces. Some, predictably, react a lot better than others. But Kerr doesn’t pretend the presence of any serious resistance.

Hey, and here’s a fascinating little sidelight: The lead contractor for the Berghof construction was a company called Polensky & Zöllner; some part of which apparently still exists, albeit in Abu Dhabi. Their motto: “All knowledge comes from experience”. And yeah, they’ll still build you a villa.

Oops, I got distracted. This is a fine piece of writing, intense and atmospheric and instructive and just really good fun. Recommended.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconLarge Companies Considered Harmful 30 Aug 2017, 3:00 pm

There’s a plausible case that capitalism per se isn’t the problem. Concentration is: Variations range from “too big to fail” to good old-fashioned monopoly. It’s painfully obvious that the acquisition of one monster telecom or bank or airline by another does neither their customers nor the economy as a whole any good. It’s tough to write anti-monopoly law, because how do you quantify market power? However, you can quantify size. So let’s use that as a club to bash away at the problem.

Specifically: Pick a number X, and pass legislation decreeing that no company can have more than X full-time-equivalent employees.

How big is X?

Let’s look at some data:

Employees (K)
Accenture410
Alphabet70
British Airways40
Cemex40
Comcast150
Facebook17
GE290
GM200
Goldman Sachs30
Lenovo60
Microsoft110
Netflix3.5
Qualcomm30
RBC80
Samsung300
Siemens340
Sony120
Tesla30
United80

The numbers aren’t perfect, mostly sourced from Wikipedia, rounded down to the nearest 10K above around 30K. Some people say Samsung has over 500K. The Tesla number is after acquiring Grohmann and SolarCity in late 2016.

I’m going to say X is maybe around twenty thousand. Every single one of those companies that’s 20K+ could, I think, be broken up into saner, sounder, smaller chunks that would be decent, profitable, high-quality businesses.

I guess maybe you couldn’t have a telecom that owned a national network and also had kiosks in every mall. Or an Internet giant that did email and operating systems and cloud. Or a bank that operated branches in every town of a vast nation. Or an automotive company that sold a full line of personal, recreational, and business vehicles on seven continents. All these things seem OK to me.

The picture would be weirdly different: A successful young company approaching size X would have to make painful choices about which business it really wanted to be in, and walk away from the rest. This doesn’t sound terrible.

You could still grow financially if you could figure out a force multiplier for the abilities and energies of your employees. This doesn’t sound terrible.

Companies could still be extremely powerful; look at Facebook. But I still think that, broadly, smaller companies are less so. And further, it’s very likely that this marketplace has a lot more competition than we see currently.

Enforcement

We fortunate citizens of the developed world live under the rule of laws not men, but an unfortunate corollary is that businesses will game the rules right up to the edge and beyond. So the rules would have to be pretty well cinched down.

  1. There’s no distinction between employees and contractors; the number of workday hours you pay people to work can’t exceed 8 times X.

  2. It’s not distinct employees, it’s how many are working on any given day.

  3. (Anti-keiretsu):

    1. If any company owns more than 5% of the equity of another, directly or indirectly, they are considered a single company for the purposes of this legislation.

    2. If any company derives more than 25% of its revenue from another company, likewise.

    3. If any legal entity owns more than 5% of the equity of more than one company, likewise.

Punishment

Laws are always violated, and it’s crystal-clear that certain sectors of the business community see fines and other forms of financial penalty as just another cost of doing business.

So I propose a system where there is only one penalty. Should a corporation be convicted of exceeding size X, its chief executive and Board of Directors at the time the violation started to occur, and any successors, would be subject to imprisonment until the illegal condition is corrected. So simple!

This idea is completely crazy and could never happen!

Overton Window. First they laugh at you. Etc…

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconEnlightenment Technology 20 Aug 2017, 3:00 pm

Around 1500, the levels of technology and productivity in Europe and Asia were not dramatically different. But by 1700, Europe had leaped ahead and, by the twentieth century, mostly come to dominate the world; the labels “Enlightenment” and “Industrial Revolution” are commonly applied. A Culture of Growth: The Origins of the Modern Economy, a 2016 book by Joel Mokyr asks “Why?” and tries to answer.

A Culture of Growth by Joel Mokyr

I encountered many jewels of insight and erudition in this book, which however is difficult, a rough read; I’m not entirely comfy recommending it. But it’d feel wrong not to pass a few jewels along, and in a couple places add perspectives that I think will resonate among geeks. [Apologies in advance for the length of what you are about to probably not finish reading.]

He’s not the first to ask, of course. It’s a sort of central problem in History and explanations are, as it were, all over the map. They include Europe’s relative agricultural and mineral wealth, theories involving population genetics, and (not so much recently) Christianity and of course the inherent wonderfulness of us gweilo honkey gringos. Let’s see…

…any suggestion that Christianity as such created a civil society and enhanced economic performance as such is sheer nonsense. [This, like all subsequent block quotations, is from the book. —Tim]

And:

It is important to stress that nothing suggests that any inherent qualities of Europeans or Christians were systematically different from other societies in a way that would foster the development of useful knowledge.

I’ve often thought that as a result of Europe’s being interpenetrated by bodies of water including the Mediterranean, Adriatic, Baltic, and North Sea, marine technology’s being less optional than it might have been in India or China was a probable contributor.

But Mokyr thinks it’s mostly about culture, enabled by fortunate historical accidents. I’m not going to reproduce his argument (Brad DeLong does here, but misses some of the really good stuff in the last third.) I’m just going to pull out a few of the lessons and questions and examples that grabbed my attention, and link to juicy related reading. Way down at the bottom of this piece, I’m going to gripe about the book’s problems and why you possibly don’t want to read it; but let’s do the good stuff first.

The idea of progress

For me, this was the biggest mind-bomb because, like every human who reads these words, I assume as a matter of course that the work of scientists and engineers improves the world, and that by deepening our understanding of how things work, we can make them work better so that we can live better.

But ca. 1500, that was a radical idea. In Europe, the “Wisdom Of The Ancients” was the watchword. There was no point trying to improve on Aristotle, Galen, and Ptolemy; in fact attempts to do so, taken too far, could win you a starring role in a scene involving a stake and firewood.

This wasn’t just Eurostupidity; China had its own “Wisdom Of” culture, where the ancients were mostly just one ancient, namely Confucius, and in fact the wisdom was strictly as transmitted in the Four Books as curated by 朱熹 (Zhu Xi) sometime before 1200.

Central to this whole discussion and thus, argues Mokyr, the Enlightenment and Industrial Revolution, was generally the notion that Progress Is Good (Corollary: The Ancients didn’t know it all):

Galen had no microscope, Ptolemy no telescope, Archimedes no calculus. More than anything, the moderns stressed, knowledge was cumulative.

Put another way:

Intellectual sacred cows were increasingly being led to the slaughterhouse of evidence.

To which most of us would say: Well, yeah. And while I try to be open-minded, I basically disrespect any arguments which in the twenty-first century appeal to the Wisdom Of The Ancients, notably including those of Christians, Muslims, and Buddhists, to mention only those most numerous. They say: “This old text, as transmitted through multiple fallibly-mutable scribal generations, says (for example) how women should behave sexually.” I say: “We know better now, because we measure what nature tells us.” Case closed.

So, who first made an argument like that?

Francis Bacon (1561-1626)

Mokyr says he did. It turns out that Bacon, a failed politician in permanent financial trouble, wrote the ur-narrative on what we now call the Scientific Method. He himself wasn’t much of a scientist, but was (apparently, if you read Latin) a good writer, and after all it’s a convincing line of argument: Observe nature, come up with explanations of what you see, try to prove they’re wrong, and the more you can’t the more you believe them.

In this context I need to link to two more long-form pieces: First Mokyr’s own Progress Isn't Natural last year in The Atlantic. Intriguingly, he calls out lots of luminaries of intellectual history, but not Bacon. However, Ada Palmer, a remarkable person, certainly does in On Progress and Historical Change, a messy, sprawling blog piece that might be even longer than this one will end up. It’s erudite, instructive, and fun! I quote: “In the early seventeenth century, Francis Bacon invented progress.”

Enemies of progress

We’ve always had them. Any system, no matter how impoverished, has people at the top of the pyramid for whom things are working just fine, and would prefer that they not change.

As we have seen, one bias in cultural evolution is what I call coercion bias, the ability of those in power who have a strong stake in the cultural status quo — be it religious, artistic, or scientific — to suppress innovation and persecute heterodox cultural entrepreneurs who deviate from the received wisdom. Innovations can undermine an existing structure of beliefs and in the process “erode beliefs” that provide certain groups with rents and legitimization. Another way of looking at this bias is to note that incumbents erect high barriers to entry into the market for ideas to protect their monopoly. These barriers often rely on such terminology as “heresy,” “apostasy,” and “blasphemy” and depend on raw political power to prevent new ideas from competing.

Could the Contras have won?

Mokyr is pretty sure they could have:

Fairly minor rewrites of history could have secured Europe for an obscurantist Catholic regime in which the Republic of Letters would have turned into a benighted theocracy dominated by Jesuits…

The essay by Ada Palmer that I linked above goes deep on whether history has a direction, whether anything can be said to be inevitable. The answer, of course, is “it depends”. But I thought Mokyr’s case was strong.

Here’s another interesting notion, formal barriers to the introduction of new knowledge. It turns out sociologists have a word for it:

A mechanism that has long been known to scholars working in cultural evolution is known as transmission isolating mechanisms, or TRIMs. TRIMs isolate a society from foreign cultural features, thus in some sense making its cultural macro-evolution more like biological evolution.

None of those TRIMs ever proved wholly effective, although those in Tokugawa Japan before the Meiji revolution came close, and North Korea in our time is making a serious effort in the same direction.

But Europe around 1500 was just too easy to move around in, and its cultures too incestuously intermingled.

Religion’s role

You may have noticed above that Mokyr is scathing about religion. But it’s not that simple; both he and Palmer point out that Bacon and his followers had a line of argument that Science was best seen as a form of Divine Worship, work that in and of itself glorified God, and thus intrinsically praiseworthy. I gather it was at least adequately convincing to those who unlike me believe in one or more divinities and further that they Have A Plan For Us.

In practice, it turned out that the Catholic church was, on balance but with notable exceptions, anti-progress; that Protestant denominations leaned somewhat the other way, and that England’s Puritans in particular lapped up the Science-as-Worship narrative.

After 1650, the power of conservative forces to hold back new ideas dissolved north of the Alps and the Pyrenees.

Why, then, did the proponents of Progress overcome their adversaries and successfully roll the rock down the hill that eventually became the Industrial Revolution?

Euro politics

Mokyr’s explanation relies heavily on Europe’s (then as now) political fragmentation, with many polities who even in times of peace struggle for power, influence, and money. This meant that when Science (or as they said then, “Natural Philosophy”; gotta love that) started to become A Thing, and the local Jesuits or Wool-guildsmen or whoever decided it was A Bad Thing, a Natural Philosopher In Trouble could skip across the border to the nearest unfriendly principality, where public disfavor at home might be enough to win you a court income and high standing.

I’m pretty well convinced on this point, if only because Mokyr offers lots of examples of thought leaders who did just that. It also helps explain why China, where people are just as smart and inventive as in Europe, never had its Industrial Revolution: There were no principalities a radical Natural Philosopher could sneak across the border of.

Networking

Part of the argument here is negative: “The enemies of Progress failed because…” but the positive part is more interesting. Mokyr discusses at length the “Republic of Letters”, the actual network of collaborating intellectuals that pushed back the boundaries of Natural Philosophy and, partially as a consequence, technology.

It was a functioning more-or-less meritocracy, driven by regular interchange of paper letters between the thought leaders, which eventually crystallized into intellectual coffeehouses, salons, and finally institutions such as the Royal Society and its peers.

These paragraphs will probably resonate with anyone who, like me, has lived substantially on the Internet:

The networks of people who rarely or never met one another turned out, paradoxically, to create a unity of purpose and method in a community that was overlaid on a highly fragmented world.

Also:

Special nodal figures whose responsibility it was to copy letters and send them on to other members were known as “intelligencers.” Correspondence clearinghouses or “offices of addresses” were set up, in which private communications were further disseminated.

A key feature was rough-and-ready egalitarianism; nobody had the standing to be believed uncritically, without someone else having considered and replicated their results. It’s hard to imagine how radical this would have been in an era where the Wisdom was mostly considered to be Ancient.

And another supporting accident of history that might not have happened:

Much less discussed than printing but of great importance in the operation of the Republic of Letters was the improvement in the continent-wide flow of mail.

Mokyr notes that the rise of postal services in pre-Enlightenment Europe was partly a function of the aforementioned fragmentation, particularly in the Hapsburg dominions. I also am cheered by the knowledge that the British postal system was built by, more than any other single individual, the novelist Anthony Trollope, in his civil-servant day job.

Really a lot of lucky accidents: We came awfully close to missing out on modernity:

Much of what is to follow describes cultural changes as a result of the incentives and stimuli provided by an institutional environment. Institutional outcomes, moreover, have a large aleatory component. They are the result of battles, dynastic arrangements, power struggles, the arbitrary preferences of unusually influential or powerful individuals, political compromises, and maps drawn by generals or politicians. There was nothing inevitable in the survival of relatively tolerant institutions in the Low Countries and Britain in the seventeenth century, any more than in the emergence of very different institutional outcomes in Korea or Germany after World War II. Such differences often seem to be the outcome of historical flukes rather than of deep cultural processes.

Does Science work?

Here’s the thing: Driven by Baconian thinking, Natural Philosophy (er Science) took off in the 1600s, and sort of roughly at the same time, there was a surge of technology progress, mostly around manufacturing. What could be more obvious? The Natural Philosophers did the theory, and the craftspeople (A.K.A. engineers) did the practice.

Except for, no. If you try to draw a line between the Laws of Nature as worked out by theoreticians and actual works-on-the-street technology, you end up with an embarrassing lag of perhaps two centuries. What’s remarkable is that the actual scientists found wealthy patrons to keep them in operation for generations in which their only output was public demonstration of things like electrostatic effects. In fact, Mokyr quotes the “well-worn adage that science owed more to the steam engine than the steam engine owed to science”.

Palmer and Mokyr both spin their wheels a bit trying to explain this; she offers “It is not an easy thing to prove science works when you have no examples of science working yet” and Mokyr says, unsatisfyingly:

A counterfactual world of technological progress entirely carried by skilled and imaginative artisans, without any input from Baconian-minded intellectuals and natural philosophers, might have seen some local technical advances in textiles and metals in the eighteenth century, but it would not have produced a sustainable and self-reinforcing Industrial Revolution.

Uh, care to introduce any empirical evidence, Dr Mokyr?

But I think the story isn’t that complicated; maybe because I’m one of today’s engineers/craftsmen, downstream from the scientists.

Here’s the thing: Science is a long shot. Most hypotheses are falsified. Of those that hold up, few have any useful effect. Many academic papers are entirely uncited.

Occasionally scientists stumble into a rich vein of theory with a short pipeline to practice, for example semiconductor physics or antibiotic drug discovery. But given the overall size of the Natural-Philosophy enterprise in the Enlightenment, tiny compared to modern Science, it’s unsurprising to me that it took a couple of centuries to get any goodies.

It’s worth noting that not only is science a long shot, it’s unpredictable. Who could have predicted that culturing moulds would bear lifesaving fruit, or fooling with germanium and silicon would launch cyberspace? Or (my favorite) that the rambling edifice of number theory, its towers of the purest ivory, would give us the first wave of strong Internet encryption?

I’m just thankful that the Enlightenment scientists’ patrons hung in there with them through all those decades where all they had were cool demos and peers’ plaudits.

What About Asia?

That’s the big question. Why didn’t India or China make the scientific/industrial leap? Mokyr digs deep on the subject of China, and oh my did I ever learn a lot about its intellectual history. The short version is that stasis was advantageous to China’s rulers and so Wisdom-of-the-Ancients became Imperial policy. Mokyr goes deep on this and he really knows a lot about the subject; I learned about 墨家 (Mohism) and the 考證 (Kaozheng) movement and a few interesting Chinese thought leaders; none of whom, however, managed to break the Imperial intellectual shackles.

…the Kangxi emperor banned all questions on natural studies from the civil service examination and his successor, the Yongzheng emperor, began a closed door policy that lasted until after the Opium Wars in the 1840s.

That seems almost as insane as, I don’t know, um, walling a billion-strong nation off from the Internet? And hey, those wall-builders are also trying to bring back Confucianism, which they explain as “Listen to your parents at home, to your teachers at school, to your boss at work and to the state and government in the country—then you will have happiness.” Feaugh.

What about education?

This shocked me too: It turned out that the great famous-named unversities (Oxford, the Sorbonne, and so on) were mostly part of the establishment, in the Wisdom-of-the-Ancients camp:

Universities in early modern Europe were, then, mostly highly conservative organizations in which, for the most part, “critical learning” meant purging classical texts of distortions introduced through copying and translation errors in a later time. The goal of the typical university scholar was “textual purity rather than scientific truth”.

Even more shocking:

Econometric work has found little support for a major role for education in explaining economic progress. A closer examination of the postulated role of human capital in growth also suggests that, alas, education (or human capital more generally) is not a magic formula for rapid economic development.

So there.

Is it actually a good book?

Not really. It’s only 400 pages long, but it’s a brutal, grinding read; put me to sleep a couple of evenings. The biggest problem is that it’s not actually written as a popular nonfiction book, but as an extended social-sciences academic paper. Let me give an example from early in the text:

The importance of these elements was already pointed out by John Stuart Mill ([1848], 1929, pp. 111–12) and different levels of trust have been shown to explain income differences between nations (Zak and Knack, 2001).

In the quotations up till this point, I have suppressed the endless citations. But the book is marred by way too many of these platitudes with academic fluff on top. Don’t want to hurt Zak and Knack’s feelings, but they sound like an third-rate standup-comedy duo.

Mokyr’s core argument is that the Enlightenment and Industrial Revolution grew out of a special moment in culture when Bacon’s ideas blossomed into the Republic of Letters, which built scholarly institutions and overturned the Wisdom-of-the-Ancients paradigm, and waited the necessary centuries for the science-to-technology-to-craftsmanship ecosystem to start working well. I think it’s a strong argument. Except for, the first hundred or so pages are dedicated to painstakingly defining what he means by “culture”, “institutions”, “progress”, and so on. Tl;dr: They mean what you think they do, as when said colloquially.

It is not the case that inside every big fat book there’s a slim one fighting to get out, but in this particular case I think Mokyr’s material could be distilled into a really superb little 200ish-page nonfiction gem that might sell a gazillion copies, improve the world, and make him rich.

I have more gripes. Consider this:

One might ask, had Britain and India been at the same level of economic and institutional development in 1700, why was there no “Western-Europe Company” set up in Delhi that would have exploited the deep political divisions within Europe to establish an Indian Raj in London, extracting high rents from Europeans remitted to nouveaux riche nabobs in India and forced Europe to accept Indian calicoes without tariffs?

Good question! After all, India featured the same political fragmentation and religious diversity that Mokyr (convincingly) claims underlay Europe’s intellectual surge. Why no Indian Enlightenment? He just doesn’t say, which feels like a hole in the book.

Business bumph

I know how to read through academic apparatus and am prepared to forgive the author, who apparently thought he was writing for his professional peers.

Less forgiveably, the book is suffused by fashionable 21st-century business jargon, which Mokyr seems to think useful in understanding the Enlightenment. The thought leaders, people like Leibniz, Newton, and Mersenne, are described as “cultural entrepreneurs” and the larger intellectual landscape is repeatedly referred to as a “marketplace of ideas”.

I know something about entrepreneurship and markets, and this is just totally cockeyed. Entrepreneurs know what they’re trying to accomplish and are especially distinguished by an unusual amount of risk tolerance. With a stretch, the term might apply to, say, Hitler or Mao. But these Enlightenment geeks were monomaniacally chasing whatever idea had its claws into them at any given moment, without any concern at all for what the results might be. That’s how thought leaders thought-lead.

And “markets”?! Gimme a break. The central defining feature of a market is that the entities exchanged therein have prices, and that prices are important. But ideas are free. When they compete, it is never on the basis of cost, it is the basis of power, simplicity, and credibility. Subtracting this crap would be another step toward extracting the many gems from this messy lump of prose and combining them into a bright clean instructive story.

A few more jewels:

Some scholars have proposed getting rid of such categories as “science” and “technology” altogether and instead proposed something like a “mindful hand”, which stresses the difficulty of drawing a line separating skill from knowledge.

We should indeed stress that knowledge was produced by a continuous range of people, from mindful hands to handy minds…

And:

The two most progressive nations in eighteenth-century Europe, the Netherlands and Britain, were the most heavily taxed on average…

And:

To repeat: the key to Europe’s success was its fortunate condition that combined political fragmentation with cultural unity. If it had had one without the other, the end result would in all likelihood have been profoundly different.

Finally:

…economists today speak of technological progress but institutional change: the directionality of the latter is much less self-evident.

And, in the end

On one of the book’s last pages Mokyr introduces a notion he’s apparently written about previously:

But most societies that ever existed were subject to what I have called elsewhere Cardwell’s Law, which is a generalization of the phenomenon that technology in any economy crystallizes at some point, and progress slows down and then fizzles out.

Well, that’s a surprise. I wonder if it’s true. Fortunately, he has input on how to dodge it:

Breaking out of Cardwell’s Law requires, above all, a community that combines pluralism and competition with a coordination mechanism that allows knowledge to be distributed and shared, and hence challenged, corrected, and supplemented.

It may sound hackneyed in 2017, but: Me, I believe in progress. I believe in building understanding cumulatively and striving always for Truth. Unfortunately, there are places in the world, some quite nearby, where the enemies of progress are strong. As Joel Mokyr teaches, progress is not predestined to win; we have to fight for it and never stop, or we can lose it; it’s happened.

I don’t want to diss the Ancients. It’s just that we know more now.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconOlympus TG-5 “Tough” Waterproof 13 Aug 2017, 3:00 pm

I found myself vacation-bound to Queensland (that’s the top right corner of Australia) and the itinerary included beaches and coral, specifically the Great Barrier Reef, which is dying. I like to photograph the places I visit, and the Olympus TG-5 is getting lots of buzz in waterproof-cam circles, so I got one.

Olympus TG-5 under water

The manual says that when it’s been in the ocean,
you should give it a ten-minute freshwater soak.

Camera geekery

The Oly TG “tough” cameras have been underwater stalwarts for years, and the -5 differs from its predecessors notably in shooting RAW, offering 4K video, and having fewer megapixels, for better low-light sensitivity. Oly obviously knows what camera geeks want to hear.

Up until the point that phones became good cameras, I’d always had a “pocket cam”. On this trip I had one again, and it was kind of nice. It doesn’t actually take better pix than my Pixel, but unlike any phone-cam it has a competent little zoom (30-100mm equivalent). What’s weird though (if you haven’t dealt with a marine model before) is that the zoom is all internal, there’s a soft hum but no moving parts. That’s probably why the sensor’s so small. Anyhow, it’s small enough to take along on the airplane and shoot out the window.

Pacific Northwest islands Sandbar somewhere between NZ and Australia

The first is near Vancouver; the sandbar is somewhere
in the blue water between Auckland and Cairns.
Couldn’t have captured either with a phone.

It’s pretty easy and fun to use; too many “modes” for a Fujiholic like me, but I mostly left it on auto and thought it mostly did the right thing.

As with all modern cameras, the image quality is not terrible, probably better than almost anything digital much before 2010.

Beach near Port Douglas, Australia

Could you take that with a phone? Sure, since it’s zoomed right out; but only if you didn’t mind taking your phone into chest-deep seawater.

It’s also got an interesting “microscope mode” for extreme close-ups. I had a lot of trouble getting anything useful out of that. These leaves are absurdly tiny. My problem was finding things that were tiny and also interesting.

Extreme close-up, Queensland rainforest

Under water!

Well, that’s what I got it for. These are all taken at Agincourt Reef. Pictures first, then a few notes.

Agincourt Reef, Great Barrier Reef Agincourt Reef, Great Barrier Reef Agincourt Reef, Great Barrier Reef Agincourt Reef, Great Barrier Reef Agincourt Reef, Great Barrier Reef

I was just snorkeling and free-diving (on top of which I had a cold, which gets in the way) — this would be a lot easier with scuba gear and a clear head. The pix out of the camera were pretty uninspiring, but since it shoots RAW, I could bring Lightroom muscle to bear. In particular, its Dehaze control (under the Effects menu) was very helpful. Two things come to mind: First, underwater photography is hard, and I’d never done it before. And compared to Hawai’i, the Great Barrier Reef has much less underwater color and visual drama; the above are definitely highlight-reel shots.

The camera comes with three different underwater presets, but after about the first ten minutes, I gave up and put it in the “P” mostly-auto mode and went with that.

It was great fun and I’m looking forward to another outing; I know I can do better and I’m determined to try.

Video!

The two little pix to the right are linked to short movies, shot at 4K and reduced to 1280x720, so “only” 41 and 23 MB respectively. I trimmed and exported them in Lightroom, but that’s all the video editing it offers; they’re otherwise straight outta the camera. I have no idea how this will work on your browser, I’m a complete video virgin.

Incoming waves

For the first, I set the camera down in the sand just where the waves were petering out, let it run for a bit, then zoomed out. Pre-zoom, you can see one wavelet bounce back off the camera. After, watch how the auto-focus works with the waves, which is not bad. I think I’m going to take one of these at every future beach I visit.

Free dive

The second is what I guess people buy these things for, just a record of part of a short free dive, max depth maybe three meters. It shows the coral colors as they mostly are, and without direct sun; not terribly intense or exciting. But there are a couple of yellow fish and the ascent is visually satisfying.

There’s so much craft in producing decent video and I don’t have any of it. But if you do, or if you just like taking pictures underwater, or having a camera you can set down on the beach or use in places where no sane person would take one, the TG-5 is a pretty good choice, I think.

It’s dying

The Great Barrier Reef I mean, killed by this insane uncontrolled experiment where we dump megatons of carbon into our planet’s air without considering the consequences. That’s one reason we went. It’s also a reason I don’t want Canada exporting any more of the carbon-laden crap coming out of the tar sands, and will do what I can to keep that from happening.

And, I have to admit, we should all be doing less flying around in airplanes. If the only flights were for vacations, and to worship at natural temples like this one, we could probably still save the earth, or at least the coral.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconTLS Wiretap Fear 24 Jul 2017, 3:00 pm

There is a hot lengthy argument going on in the IETF’s TLS Working Group which has been making me uncomfortable. It’s being alleged that there is an attempt to weaken Web security in a deep fundamental way, which if true is obviously a Big Deal.

What’s an IETF TLS WG?

TLS is a broad term for the family of crypto and related security protocols that make the Web secure. You may have noticed that more and more web addresses begin with “https:” rather than “http:”, which is a good and important thing; TLS in action.

The standards behind this good and important thing are hammered out by the Internet Engineering Task Force’s (IETF’s) Transport Level Security (TLS) Working Group (WG). They do their work in public and you can watch them.

Recently, there has been a ferocious outburst of controversy, kicked off by a thing called Data Center use of Static Diffie-Hellman in TLS 1.3. Some people say it’s a practical extension to let people who run data centers manage their network traffic. Others say that it’s an attempt to build wiretapping into the Web.

I’ve been reluctant to write about it because I am not a crypto wizard and don’t really understand Diffie-Hellman well. Fortunately, Stephen Checkoway, who is an expert, wrote TLS 1.3 in enterprise networks, and I was pleased to discover that he saw the picture more or less the same way I do.

Clearly, this is a subject on which reasonable people can disagree in good faith. But let me throw a little fuel on the fire: I think that in fact some people and organizations do want to add wiretapping to the Web, and in a way that would be overly difficult to detect by people being wiretapped. I further think that there’s no excuse for doing this, and agree with Checkoway’s take-away: “Yes, switching to TLS 1.3 will prevent operators from doing precisely what they’re doing today; however, there is currently no need to switch. TLS 1.2 supports their usecase and TLS 1.2, when used correctly, is secure as far as we know. Of course the network operators won’t receive the benefits of mandatory forward secrecy, but that is precisely what they are asking to give up in TLS 1.3.”

So, dear IETF TLS WG: It really looks like you shouldn’t do this.

Finally (on a related but distinct subject) I’m a little worried how easy it seems to be to introduce a wiretapping capability into TLS 1.3. But that’s all I’ll say on the subject because, as already stated, I’m not a crypto nerd.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconAndroid Auto 22 Jul 2017, 3:00 pm

I just had my first experience with Android Auto and I suppose there are lots of other people who haven’t been there yet, so a few words might be useful. Short form: Rough around the edges, but super-helpful.

What with my job, I sometimes have to travel between Vancouver and downtown Seattle; all the options are lousy. Driving isn’t my favorite but sometimes it happens. Recently I rented a car for the purpose; reserved the standard corporate-guidance minibox but they were overrun with summer tourists and, threatened with a long wait for the right car, I became That Guy you want out of your face. So they picked the top key off the stack and gave a brand new Dodge Charger with Android Auto (hereinafter AA).

Dodge Charger

What a ridiculous car. It has muscle bulges on its muscle bulges. Nobody would call it agile; stomp the gas and it takes a few moments to make sure you really meant it. But then, oh my goodness it gets down and boogies, putting all those bulges to work. I had great fun blasting through gaps in Seattle’s infamous perma-jam. Also, the seats were comfy.

Would I buy one… Are you kidding me? But thanks to National for the impromptu upgrade.

But I digress

Back to Android Auto. Once I plugged in the USB, my Pixel hooked up to the car right away; all I had to do was tap “OK” a few times.

Android Auto screenie

I used it to play music, send and receive phone calls and texts (with Signal of course), navigate, and listen to a ball game.

On balance, it works pretty well, albeit with rough edges. Here’s what you need to know about conversing with AA: Your answers should echo the questions. For example, if you get a message and AA asks you if you want to respond, don’t say “Yes”, say “Respond”.

Amusingly, I got a front-row seat for this bugfix; on July 16th I couldn’t get texting to work, but it was fine on the 18th.

Maps

Google Maps are pretty great and so are AA’s. The UI could use a little polishing; if I say “OK Google, directions home.” and there’s only really sane choice, don’t make me tap the screen, just go there.

The real pleasant surprise was when I sort of lost context on where I was and how far I had to go. I pulled over and discovered I could actually pinch, zoom, and rotate the on-screen map. Impressive!

Music

This was my fave. “OK Google, play Led Zeppelin.” “OK Google, play Rough Mix.” “OK Google, play Drycleaner from Des Moines”. Sometimes it takes a surprising amount of time to think it over, but I gotta say, it never missed. Now, I didn’t try any classical choices, because after all it was a Dodge Charger.

All this presupposes you have Google Music set up, which I strongly recommend; it’s free and good, what’s not to like?

What else?

Well, there are lots of apps, but I’m not seeing anything that’s making me breathe hard. Well, Skype could be handy. Also, I wouldn’t mind having a voice reading my Twitter stream when there’s hot news breaking. But I have to say that maps, music, phone, and text hit a huge 80/20 point.

Take-aways

  1. Bigger screens are better. The Charger’s was only OK, which left AA sort of cramped, surrounded by the Charger’s built-in apparatus for radio, climate-control, and so on.

  2. I think I need AA in my next car.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconOn Password Managers 16 Jul 2017, 3:00 pm

It has come to my attention that people are Wrong On The Internet about password managers. This matters, because almost everybody should be using one. Herewith background, opinions, and a description of my own setup, which is reasonably secure.

What is a password manager?

It’s a piece of software that does the following (although not all of them do all of these):

  1. Store your passwords in a safe way, protected by at least a password, which we call the “master password”.

  2. Make new passwords for you. Here’s an example of a generated password: QzbaLX}wA8Ad8awk. You’re not expected to remember these.

  3. Make it easy to use passwords. One way is to copy it out of the manager and paste it into a password field. Another is to use a browser plugin that auto-fills login forms. On certain combinations of app and mobile device, you can use your fingerprint to open the password manager, which makes everything way faster and easier.

  4. Store other stuff too. I keep various Important Numbers and AWS credentials and recovery phrases and so on in there.

  5. Synchronize between devices. I have two computers and one phone and I need access to my passwords on all of them.

There’s more, but those are the essentials. The effect is that you end up using a different password for every site and app, that they’re all strong, and that you don’t have to remember very much.

My own manager, which I’ve been running for years now, contains 504 items, and I use it a few times a day, every day. Granted, many of the 504 are for sites and apps that no longer exist (like the dead people I can’t bear to erase from my contacts).

How they work

It’s pretty straightforward conceptually. They have a little database with all the stuff in it, and it’s all encrypted using your password. So even if someone steals the database, you’re probably OK because modern crypto makes it really hard to crack the code.

Where it gets interesting is how these things synchronize between devices, and how they use the network.

Basically, it comes down to this: Can you get access to your passwords over the Web? Lots of password managers allow this, but some don’t. For example, I use the 1Password app, which has no website whatsoever, and has a variety of ways of syncing (iCloud, Dropbox, WiFi, local folder) none of which involve talking to a website with a browser. [There are lots of other password managers, which I’m not gong to write about because I don’t use them.]

What’s wrong with a Web site?

The problem is that the site has my encrypted data, and at some point, wants me to type in the password. Thus, in principle, they can peek and see my passwords. And hand them over to the NSA. Or to the criminal gang that abducted the CEO’s children. This makes me unhappy.

In principle, this could be OK. What with modern JavaScript, it’d be perfectly practicable to do all the crypto inside my browser, never send the password (or anything unencrypted) over the wire, and have me sleep soundly at night. Furthermore, since JavaScript is by definition open-source, I could in principle look at the code and satisfy myself that it’s wholesome.

In practice, nope. The JavaScript platform is dynamic to the core and horrifyingly complex even before they start loading massive modern application frameworks on it; any teeny little bug or zero-day exploit at any level of the stack and I’m cooked. Also, the NSA or a crook only has to make the slightest little mod to the code, and take it away a few milliseconds later, and the horse would (silently) be out of the barn.

In the 1Password app’s sync model, however, one assumes they use the pretty-secure HTTPS-based APIs for each of these products, machine to machine, no JavaScript in the loop.

Why we’re talking about this

Because AgileBits, the company behind 1Password, is trying to get people to move over to a Web-based thing; that’s what you find when you go to 1password.com.

There’s a decent summary at cyberscoop and a longer, more personal narrative from Kenn White.

I, like many security-conscious people, am just not gonna use anything where the same party, who’s not me, gets to see my stored data and my password. Sorry. But I love the 1Password apps and I’d really like to go on using them. More on that later.

Let’s get serious

Am I claiming that my app-only approach is 100% safe? No, because security just isn’t binary, ever. Let’s see:

  1. The bad guys could slip a sedative into my coffee at a coffee shop and install a keylogger on my computer, or

  2. install a camera anywhere I work and focus it on my hands, or

  3. phish me with a super-clever website or poisoned USB key, and get the keylogger in that way, or

  4. point a gun at me and ask me to unlock all my devices (then probably pull the trigger), or

  5. send a National Security Letter to AgileBits and force them to put backdoor code in a future 1Password app release that sends the goodies to the enemies.

And anyhow I’m obviously a lame-ass hypocrite because I use the 1Password Chrome plugin to fill in forms for me, and this means I type the master password into a browser. Having said that, I verified that it works when I have the networks turned off, and at the end of the day, the plug-in is no more nor less secure than the app I use all the time.

Is your setup perfect?

Well, I only remember four passwords: For my personal computer, for my work computer, for my AWS account, and the 1Password master. And the AWS password is just an accident of history; I only need 3.

Obviously I change them regularly and use password-less ssh access wherever I can, and lots of places I go have two-factor, via SMS or hardware token (Gemalto, Yubikey) or the Android Authenticator app.

So, on balance I feel pretty secure. One downside is when I’m setting up a new computer or phone. The process of typing in long generated passwords on a mobile “keyboard” is so impractical as to be hilarious.

In effect, my security is about as good as my mobile device’s. Actually a bit better, because the 1Password app needs one more fingerprint-or-password.

You sync through Dropbox, are you crazy?!

After all, Condi Rice is a board member, which has to worry you. But let’s assume the worst: that Dropbox turns turtle for the Feds, or gets totally pwned by bad guys. So, congrats, they have my encrypted password file. It’s not impossible that they might crack it. But it’d probably be easier and cheaper for them to slip a sedative in my coffee, or… (see above).

Why is AgileBits doing this?

For the same reason that Adobe has been pressuring its customers, for years now, to start subscribing to its products, rather than buying each successive version of each app. A subscription business is much nicer to operate than one where you have to go out and re-convince people to re-buy your software.

I understand, and I support AgileBits wanting to become a subscription biz. But I still want to keep my data and password away from their servers. This all seems fine to me. I pay my monthly rent to Adobe and it’s for Lightroom & Photoshop, not for their unexciting server-side offerings.

So AgileBits, why not? Please go ahead and start asking for subscriptions. But don’t ask paranoid people like me to go anywhere near 1Password.com.

AgileBits has addressed the situation in Why We Love 1Password Memberships, but it’s really unsatisfying, totally ignoring the security concerns. And (I guess I shouldn’t be surprised) failing to acknowledge the business advantages for them in making this move.

Am I wrong?

Maybe there’s something I and the others who are all upset about the 1Password move are missing; maybe it’s all just OK and there’s really no significant loss of security. In which case, AgileBits really needs to explain why.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

FaviconBye, Rune 24 Jun 2017, 3:00 pm

She was a purebred (Bengal) actually, with a formal name: Bellsangels Rune, and a pedigree. Born March 23, 1998, departed this life June 23rd, 2017, aetat 19 years and 3 months. She predated our children and digital cameras and this is the only obit she’ll get, so it’ll be lengthy. But not unamusing I hope, full of stories, and bookended by baseball.

Bellsangels Rune

The “Rune” is because when she arrived the senior housecat was named “Bodoni” after the typeface, and we failed to find a font we fancied with a feminine feline name; since she was skinny and angular “Rune” seemed OK. Our next-door neighbor called her “Rooney” and there was no point correcting him.

We bought a fancy cat because we were mad at the Humane Society for sending us home with Millie the kitten, who turned out to have distemper and died in 48 hours. Which prevented us from adopting another for a full year, to avoid lingering microbes.

Rune was the best cat ever, but the fancy-cat-acquisition process gets you into pretty weird territory. Her breeders were in a distant suburb, in a big carpet-free house full of kittens and a morose Great Dane, eye bandaged due to kitten-stab.

Also they operated a cat hotel which we patronized a few times while traveling. Its rooms were themed: I only remember the Bridal Suite and the Sports Bar (walls lined with real booze in miniatures). They’d come and pick the boarders up in an old limo with a huge stuffed tiger in the back.

They never, even once, used the word “cat” — “kitty” and only “kitty”

One time I asked them if they showed their cats and they said No; that they’d found the people who show cats were a little on the strange side.

Rune on a rafter

A very early digital photograph, captured in December 1998
on a miserable little 640x480 first-generation digicam.

Above, Rune’s on our exposed upstairs rafters; she leaped from one to the next for pure fun. It felt a bit odd betimes, when she’d park on the rafter over the shower and admire your scrubbing technique; I guess she liked the steam.

She was lethal in her youth, the terror of the local rodents and even biggish birds. One time she and I were chilling on the front steps when a crow landed on the neighbor’s porch railing to caw at us with attitude. On the third caw Rune was down the stairs, through the hedge, up the side of that porch, and the crow’s leg was in her jaws, before the bird or I could react. But she was a small cat and it was a big crow. I intervened to put the bird into the fork of a big tree and the cat inside. Maybe the crow survived.

The other crows learned. In her prime, it was super-annoying the way they’d appoint a posse to follow her around the neighborhood, perch on wires and trees, and squawk at top volume when you were trying to have a conversation or listen to music. She hunched and looked oppressed, but I didn’t feel that sorry for her.

Rune on a vna

Rune has captured the neighbor’s van
and is wondering what to do with it.

She was a people cat. Unfortunately the three-to-five humans co-resident during her tenure were not nearly enough to meet her needs, so she adopted the neighborhood. The guy who called her “Rooney” is a little bit gruff and territorial; but eventually accepted that if the door was open, she’d be in to look for a lap or a handout.

This was mostly OK; but another neighbor (with whom we carpooled kids to school), seemed embarrassed not outraged when she confessed that Rune had sent her cat to the vet with abscessed wounds.

My personal fave episode was when she visited the upstairs next-door neighbors, which was OK but they forgot she was there and went out. After a while she became upset, which she expressed by pushing objects out their open bathroom window to the pavement two stories below; I think none survived.

Her magic, once again: Nobody complained. I guess they thought it was their fault.

Imperfections

Rune was occasionally a poor citizen of the household; sometimes maliciously so. In her view, the greatest sin, punishable by targeted peeing (more below), was ignoring her.

But the only time she drove me to violence (against any living mammal since I turned 18) was the Great Reshelving. We’d reorganized our shelves in a way that required that the books all be taken out, stacked on the floor, then replaced. This is an onerous task. Our shelves are deeper than strictly necessary, and Rune figured out she could get behind the books on a half-filled shelf and push them loudly out on the floor. What could be more fun?

Dear Reader, I must confess that, after a certain number of gleeful deshelvings, she impacted the sofa (soft, mind you) at fairly high speed and, on the rebound, failed to plant a clean landing on the hardwood. She glared at me and left the room in what P.G. Wodehouse used to call a Very Marked Way. Which she had to, because I glared back with intent.

In this case I have evidence. Here she is, disrupting the “T” section. Fortunately, she never actually realized that the volumes of Gibbons were separable as opposed to just a catwalk.

Rune displacing books

Peeing with intent

This was her worst, purely malicious, sin. She understood the cat litter (and of course the garden outside) perfectly well. But if when aggrieved (as in, left alone in the house for too many hours) she discovered a garment left on the floor near an attractive perch, she would perch, cock her tail, and express her smelly feelings with perfect aim from as far as several feet away.

“Well,” I lectured the children in a superior moral tone, “what can you expect if you leave your things lying on the floor all sloppy like that?” Having, of course, first suppressed the evidence of my own befouled knapsack.

Table raider

Another major sin. All the cats who’ve lived with us understood that We Do Not Feed Pets From The Table. The kids learned this early too. As did Rune, but she just didn’t care. If you got up, leaving a pork chop or chicken kebab on your plate, and foolishly didn’t push your chair in, you probably wouldn’t get to eat the rest of it.

Once again, I have photographic evidence.

Rune and boy

In this case, the meat is mostly gone from the plate,
so Rune is immune from instant banishment.
We both understood the rules of the game.

That, by the way, is my son, then aged ten, who just graduated from high school and may make a named appearance in this space soon if he wants to.

The best pictures of Rune are all looking up at her, because of course she enjoyed looking down on us.

Rune looking down Rune looking down

I’ll miss her awfully. But so far I’ve left out her purest love.

Video cat

From a cat’s point of view you can’t beat a TV binge, be it baseball or Miyazaki or long-narrative-arc series, because the humans’ thighs are horizontally immobilized on the sofa. She enjoyed us watching (to name a few) Lost and Battlestar Galactica and The Wire and Deep Space Nine and Orphan Black, rarely missing an episode.

Sometimes, knitting was involved.

Rune watching TV

Not watching out for Cylons.

Baseball brackets

Her end came fast; she’d been going downhill for months, but with little pain it seemed, and then one morning her back legs didn’t work, a blood-clot they said and not reversible, so the decision was easy. My son and I took her to the vet and held her warm while she died.

Neither kid had known a time without Rune, so it was a pretty gloomy household. Casting about the next day, I noticed a minor-league baseball game at the park ten blocks from us, so we went.

Minor-league baseball the day after Rune died

Rune had left us gradually, her illnesses mounting; I’d been dealing OK with the grief. But then I remembered a scene from the late summer of 1999 that our friend Kim photographed on film; a bit low-rez, but look at it anyhow.

1999

We’d taken our new baby (the same kid you saw above) to a ballgame, strapped to my chest. It all went OK, the child pretty drowsy, till the home team made a brilliant double play in the second. I leaped up and clapped and cheered, and the poor little guy woke up, panicked, and howled fiercely, much to the amusement of my fellow fans: Spot the rookie Dad.

Whatever, we were going home with our new baby and our little cat would be happy to see us. Shortly after I took that 2017 ballpark photo, I thought of the other, and the empty house we’d be coming home to. I’m pretty sure nobody saw me weeping into my hot dog for a departed friend.

Tonight, I put on a high-tech fleece in the after-dinner summer cool and noticed it still had cat hairs on it in multiple shades of brown. I’m not putting it in the laundry any time soon.

Blinklist Blogmarks del.icio.us Digg Ma.gnolia My Web 2.0 Newsvine Reddit Segnalo Simpy Spurl Wists Technorati

Page processed in 0.751 seconds.

Powered by SimplePie 1.2.1-dev, Build 20111015034325. Run the SimplePie Compatibility Test. SimplePie is © 2004–2017, Ryan Parman and Geoffrey Sneddon, and licensed under the BSD License.