
oh really?
I've seen some criticism that the punchline of this:

is disingenuous because criticism of one's clothing choices and sexual assault are incomparable.

This criticism is itself disingenuous because of its gross scope insensitivity. To illustrate, a quick thought experiment:

Would you be okay with a single person saying "I think you shouldn't have worn that shirt" once? Probably.

Would you be okay with hundreds of thousands of strangers telling you over and over again that you shouldn't have worn that shirt, for several days running with no end in sight?

Yeah, didn't think so.

Context matters. Scope is part of context.
It is pretty important to read this Atlantic piece on synthetic biology in light of the research of Ester Boserup. (The Conditions of Agricultural Growth is not all that long and the clarity of her writing is up there with Bertrand Russell.)

When cultivable land is "squeezed," as the Atlantic puts it, that is a constraint on agricultural conditions. But population will continue to determine agricultural methods -- ours, and our soil symbiotes', and our crops' predators', and our (tiny, tiny) predators'. Eating and fucking are the two primary drivers of technology, and at least we have something resembling a historical record on the how-dead-things-become-eating part.

I'll waffle by a decimal order of magnitude plus or minus and say the hub-and-spoke model of food distribution is responsible for an ecological shift about on par with the transition from hunting and gathering to agriculture. Need to dig into Lord May to get a better grounding in that. I'm too close to the problem, still, for now, to be able to think coherently about the attendant parallel shifts in power structures that necessarily accompany the discovery and colonisation of a new resource, but maybe that's for someone else to think about.

What I do know, though, is that the Atlantic is right. The boulders are voting about how to start the avalanche. If the pebbles want some role in its direction, the time to get rolling is now.

Professional Courtesy

Everyone I know dislikes having to get in touch with their bank, except for people who bank with USAA.

The United Services Automobile Association is a financial services group with its origins in insurance. It has a membership base of about 10 million; members must have served in the military or be in the family of another member[1]. Wikipedia credits them as a pioneer in the field of direct marketing, and while I am no expert on marketing and know nothing about USAA's corporate strategies, "get the attention of your desired customers by offering them products they want and can use, and keep it with outstanding customer service" is a pretty good description of how they have always marketed to me and seems like a workable strategy as long as you don't have to be growth-oriented.

This has the pleasant side effect of reducing my likelihood of procrastinating about bank-related Shit What Has To Get Done. I have been running a near-constant executive function deficit since, oh, probably mid-2006, and trivial inconveniences are a huge cognitive hazard when you're running low on executive function. I am the kind of customer that banks with scummy transaction processing order practices wish were theirs, because the amount of inconvenience required to dissuade me from picking up the phone and demanding that they process my paycheck before my rent check is not that high. It's higher than picking up the phone to talk to someone who wants to help me solve my problem, but it's lower than picking up the phone to talk to someone whose motivations are "keep call times low" (because that's a metric their job performance is evaluated over) and "don't give the customer anything" (because that's what management impresses on them, perhaps something they've seen others fired over).

This observation brought to you by the so far really quite impressive customer service of the small group practice where my new therapist works. More to come, perhaps.

[1] I got my membership through my dad, who 4-F'ed out of Vietnam due to a heart problem. He became a member through his dad, who was in the field artillery in WWII and Korea and retired as an LTC. So I already had an account with them when I enlisted, which was handy.

On Leave

The other day my coworker and I were comparing the relative merits of our company's vacation and sick leave policies in the US and Belgium, respectively. That part was mostly minutiae, but it also got us talking about the trend in the US, in my lifetime, toward a single pool of "personal time off" rather than discrete sick time and vacation time.

That trend has always annoyed me, mainly because having both migraines and a job with one-pool PTO makes it impossible to plan a vacation pretty much ever. These days I schedule my vacation time out of a pool of time that is just vacation; when I am sick, that time is compensated according to a baroque[1] system largely defined by the Belgian federal government, the workings of which are mostly opaque to me apart from the bit where I have to get a doctor's note if I'm going to be out for more than two days. To give you some idea of how opaque I mean, I have no earthly idea under what circumstances they stop paying me if I'm sick[2]. We are talking about the Benelux, though, which when it comes to social welfare is basically "Scandinavia but less pushy about it."

Even in the US, though, I think there could be a lot of value, in terms of employee quality of life, in splitting PTO back up into vacation time and "emergency time". Being able to schedule time off for planned events (like family trips or conferences) is one kind of benefit, being able to take time off for unplanned emergencies (like car trouble, or needing to pick up a sick kid from school, or your basement flooding, or being sick yourself) is another kind of benefit, and not having to expend effort on budgeting under uncertainty between the two is yet another, albeit more indirect and less obvious. Still, less stress is less stress.

If I ever run a company with full-time employees again, I'm inclined to try this.

[1] That is to say, like everything else the Belgian government does.
[2] Although apparently I have the statutory right to take up to two weeks off in a row, if I have enough time banked to do so.


The Fungible Audience Fallacy

Incidents of "Shanley Kane verbally attacks some friend of mine in some way that is obviously counter to her stated goals" keep rolling in at the rate of about one every two weeks. Last time, it was bashing a friend who started slinging C professionally around the time I was born because "her generation" didn't create the workers' utopia (by Shanley-logic, this apparently means my friend "doesn't belong in technology," because what the fuck); this time around she's up in netik's grill about how abuse reporting on Twitter should be a solved problem already because of his FUCKING AMAZING COMPUTER SKILLZZZ (yes, that's a quote -_-).

Over on Facebook, a friend of netik's observed:
I don't think she's insane. I think she's cognizant of a character she's portraying, and an audience she's playing to. I think the same of Rush Limbaugh.

I find this especially interesting in light of Scott Alexander's recent post about the motte-and-bailey doctrine, aka "strategic equivocation".

Activists of all stripes point to "raising awareness" as a last-ditch defence of their activities; the implication seems to be that maybe they didn't do anything to solve the problem themselves, but at least now more people know about the problem and maybe one of them will solve it. (When did passing the buck become a thing to pat yourself on the back over?) Taking into account the human cognitive bias toward remembering unusual/bizarre things over ordinary ones, it follows readily that the most successful "awareness-raisers" will be the ones who stand out as discordant in some way. As a meta-strategy, staking out the farthest-out-in-the-bailey positions you can find and defending them as loudly and obnoxiously as you can generalises to every ideology I can think of.

The problem with this strategy is that listeners aren't fungible. Not all listeners are equally capable of solving hard problems, so if your stance is going to be "if you don't like my bailey then you can't be in this motte either," (ETA: which rezendi pointed out may very well be a deliberate attempt to move the Overton window; I should have made that explicit earlier) you have to have a really good heuristic for figuring out who can't solve problems you care about and can therefore be alienated without much further thought versus who can and should therefore be interacted with more, erm, thoughtfully. Which makes this an especially stupid argument on Shanley's part, because as far as I can tell, she and netik share a motte, and whatever semblance of a map she might have for improving Twitter's response to abuse is useless without the territory knowledge of someone like netik.

Perhaps rather than "she's insane" it would be more accurate to say "her decision-making criteria are incomprehensible." I mean, maybe she thinks yelling at an ex-Twitter employee will knock a few neurons together in someone currently working at Twitter (perhaps one of her readers) and get them to solve the problem. If she were a better social engineer she might even be right about that, except for the fact that the problem is also nowhere near as tractable as she thinks it is and she doesn't seem to have any interest in examining its structure. I think that counts as irony.

As usual, nearly everything that matters is a side effect.
I need to start keeping a timeline or something (UPDATE, 19/12/2014: Slate did it for me! Thank you, Slate), because I figured at some point the cogs in the 24-hour outrage cycle would notice that some of us have cottoned on to their business model, and now Jessica Valenti has. Obviously the Grauniad, bastion of even-temperedness that it has ever been, is the perfect pulpit from which to reassure the masses that these horrid aspersions on the character of Feminism™ are but spittle flung from the maw of Patriarchy™ as it writhes in its death throes. Important Things are happening in Feminism®! Feminism™ is the hip, happening place to be! Don't you all want to come hang out with the cool kids in Feminism™ and not those squares at the Washington Post?

Let me back up a step.

Clickbait, in Annalee Newitz's analogy, is to social media journalism as the pun is to humour: a low form, made lower still by the deceptiveness often attached to it. Sure, those may in fact be 15 cat videos behind that link, but you won't know if they really are the 15 Funniest Cat Moments Ever, or even cat videos at all, unless you click through. As soon as the site loads, the site owner has racked up a few more ad impressions at the expense of a small fraction of your time, attention, and bandwidth cap if you have one. They are no longer on the hook to deliver anything ("We never said the videos had to load"), and any further time and attention you spend on the content presented is your lookout. Newitz's historical analogy to yellow journalism is incredibly apt, and applies financially as well: once you handed over one red cent for that issue of The World, it was yours to read, yell at, or line your birdcage with as you pleased, but that penny was never coming back.

Both the analog and digital forms of yellow journalism require some amount of repeat business, which according to this NPR interview takes the form of running some yellow content and some "strong" content (that's the word the interviewee chose) so that readers don't feel deceived or ripped off, or at least that they feel sufficiently less deceived/ripped off that they'll continue visiting the site instead of blocking it on Facebook. (I noted with some amusement that NPR noticed Mr. Hind from a piece he wrote entitled "In Defence of Clickbait," in — three guesses and the first two don't count — the Guardian.) If transactional analysis had been a bit more rigorous about the game theory that Eric Berne based it on, we might call this a mixed strategy, where the player (the publisher) chooses option C ("strong content") some percentage of the time and option D (clickbait) the other percentage of the time, and the player's strategic question becomes where to set that point.

The Guardian has a lot of strong content, much of it having to do with surveillance and geopolitics. Unfortunately, there's yellow journalism to be found in that domain on their pages as well, and distinguishing one from the other is still an exercise for the reader. I named the options above C and D not because A and B were already taken, but for Cooperate and Defect. And yes, I am explicitly making a normative assumption here; that said, the Guardian's own editorial code states up-front that
A newspaper's primary office is the gathering of news. At the peril of its soul it must see that the supply is not tainted.
so at the very least, the Guardian at least claims to hold that same assumption itself: that a newspaper is cooperating with its readers if it provides them with accurate news, and defecting against them if it lies to them.

Okay, now back to Valenti.

I have argued for a while that activism in general is being strangled by an epidemic of self-righteous tourists, to the point where I consider the term "activist" an insult; I build things, fuck you very much. Take the case of Nick Kristof, whose ham-handed foray into anti-sex-trafficking activism gave a megaphone to the Somaly Mam Foundation as it inflated itself with fabricated horror stories until finally the tower of lies became too precarious to stand up anymore. Or, remember #KONY2012? Of course you don't, that was two years ago and that's forever in Internet time, plus nobody likes embarrassing memories. Joseph Kony is still tooling around the remoter parts of central Africa, though, and Jason Russell doesn't seem to have done much since his documentary got that SxSW award. Though I suppose that's rather the point, isn't it? Crucially, nothing has actually happened. Why would it, when the gravy train provides such "strong content", so many awards, and so very much attention and praise?

Valenti is not a tourist; she came by her credentials honestly. But she is a travel agent, and a very busy one at that.

A travel agent's job is to sell you the promise of an experience and the tokens you exchange for that experience: plane tickets, hotel stays, car rentals. The agent cannot sell you the experience itself, and you can only guess what the experience will be like until you arrive in booming metropolitan Norilsk and wonder what the hell you're doing there.

Jessica Valenti sells moral panics. If you're the sort of person who thrives on group approval, a moral panic can be a rousing good time, at least if you identify strongly with the side doing the panicking or the side being panicked against. If that's not your idea of a good time, though, too bad; the side effect of a moral panic, after temporarily transforming a community into its own version of 17th-century Salem, is to leave it much like Norilsk, chilly and polluted with ill will, and whether you wanted to end up there has nothing to do with the fact that you're there.

What I find interesting about the Guardian article is the indicators that Valenti sees a moral panic rising against feminism. She dubs George Will, Conor Friedersdorf et al the "backlash machine" (a portmanteau of Faludi and Will, I guess?), accusing them of "court[ing] and revel[ing] in such controversy."

*ring ring* Hello, Pot? This is Kettle. Guess what? You're black! *click*

She accuses the "backlash machine" of gaslighting women who are angry about rape by telling them that they're overreacting, mere moments after implicitly telling David Bernstein that he was overreacting to Michelle Dean's hit piece on him by swallowing Dean's "Bernstein said only prostitutes explicitly consent to sex!" line hook and sinker. Bernstein's rebuttal came out the day before Valenti's piece, but apparently as far as she's concerned, it doesn't exist.

This is blatant dishonesty not just to David Bernstein, but to all of the Guardian's readers. Valenti put words in Bernstein's mouth and is trading on an out-and-out falsehood, all in the name of rallying more banners around her flag. I'm not sure which has gone on longer, gaslighting women or gaslighting people unwilling to participate in a moral panic, but neither of them are right or good and I am appalled at Valenti's brazen condemnation of the one while committing the other. Though I suppose that's rather the point, isn't it? After all, I'm sure LiveJournal appreciates my pixel-spilling far more than my employer does, since LiveJournal can put ads on it.

"But, Meredith," I hear you say, "isn't it true that Feministing, Jessica Valenti's most successful venture to date, doesn't even make enough ad revenue to pay its own writers? Considering the scope, aren't you overreacting?"

I would be, if this were just about money. But it's not just about money. It's about attention, but probably not in the way you think it is. It's about bias, but probably not in the way you think it is.

Most of the valuable things you interact with every day are not money. Time is one of them, but the other one I mentioned way up top — attention — is more interesting, because you can't control the passage of time, but you have some amount of control over where your attention goes. Do you remember how much of your attention went to #KONY2012? I know you don't want to, but screw your courage to the sticking-place, download your Twitter archive and scroll back through your Facebook history, and confront exactly how much time you wasted. Soak in it until your fingers go pruny. That was you, two years ago. If you didn't actually scroll back, then you're cheating, because your memory hyperbolically discounts and you're not getting the full effect. Scroll back, look hard at who you were two years ago, and ask yourself: is this how I really want to be spending my attention?

Your present self excusing your past self for wasting its resources isn't the only bias at work here, either. There's also confirmation bias, in particular a really nasty manifestation of it called the backfire effect. When you "learn" something false, then encounter new information that contradicts your previous model of the world, your brain doubles down on rejecting that new information — particularly if the false thing you "learned" in some way confirmed your existing model of the world. There is indeed a wedge between the two sides of a culture war, it is called group polarisation, and giving a rabble-rouser a platform from which to lie unrestrainedly is one of the best ways to drive it in deeper, because first there's the initial strike and then there are the depth charges of the backfire effect going off when the inevitable contradictory information surfaces. Nice job breaking it, Grauniad.

What annoys me the most is that there was plenty to respond to in Bernstein's original article without libeling him as a hooker-hater. The law has been the law for quite some time now, and anyone who is serious enough about writing explicit consent into the criminal code to voice the thought needs to also give some serious thought to how that amendment might be worded and how the wording will interact with the rest of the body of law, because guess what, that shit matters. Both of Bernstein's articles read to me like he's totally open not just to having that discussion, but moving it forward as well; he's a law professor, so this is the sort of conversation that he has the body of knowledge to make really useful. (If you're reading this, Dave — is it cool if I call you Dave or do you prefer David? — I am totally down to have that conversation, whenever it's convenient for you.) We could have had a thoughtful discussion about how to revise the motherfucking law in the direction Valenti claims to want it to go, but no, lying about him is just way too much fun.

Get an editor, Jessica Valenti, and get a sense of responsibility. And get off my goddamn lawn, it's getting like Norilsk around here.

Edited to add: lilmissnever points out that there is now a correction at the bottom of the article. That's all well and good in the abstract, but my point about the backfire effect still stands; see also docstrange's remarks. Bernstein's rebuttal came out a full day before Valenti's article. Some editor should have caught this, or at least compared Valenti's characterisation of his original article with the actual text and realised just how far off base it was. The time pressure that the 24-hour outrage cycle demands leaves little or no time for fact-checking, and that's why crap like this makes it to press.
There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult.

— Sir C. A. R. Hoare

On the heels of I-guess-it-was-Wednesday-I-don't-keep-my-thumb-on-the-pulse-of-this-shit's news that "single-tap zero-character communication tool" Yo had raised over $1M in seed capital comes today's news that Yo leaks users' phone numbers and is riddled with other holes.

This should surprise approximately nobody, and yet it apparently does. By and large, people have come to grudgingly expect data breaches at their mobile providers, their banks, the restaurants and stores where they shop, even their government services — these things are complicated — but surely an app that does just one thing can get that one thing right, right?

The problem is not the one thing. The problem is everything else.

Hoare also famously observed that "One of the most important properties of a program is whether or not it carries out its intended function," and later in the same paper (emphasis mine), "The most important property of a program is whether it carries out the intentions of its user." The distinction here is subtle, but important. When a user installs a program, the user intends that the program carry out its intended function, and also intends that the program not carry out any unintended functions[1]. The fact that your program can carry out its intended function is not enough if your program also carries out other functions that are actively detrimental to your users, like leaking their phone numbers without their consent.

Time will tell how much of Yo's seed round will leach away into the legal system (or to the FTC, as Parker Higgins points out) as a result of its negligence, and I hope that investors, entrepreneurs-in-residence, entrepreneurs generally, and users pay attention to that figure. If this number is low, that's good news for unscrupulous investors and bad news for privacy (and civic engagement, and so on). Although it generally seems to be the case that the market does not give much of a fuck about data breaches, I would really like to see that seed round evaporate away into damages, because honestly whoever signed off on due diligence for this funding round was either criminally ignorant or criminally negligent.

An important lesson here, for users as well as due diligence, is that permissions don't tell the whole story, particularly when viewed in isolation. (You'll have to click on "view details", there doesn't seem to be a direct link.) "Find accounts on the device" sounds like an innocuous enough capability on its own — but as Glympse's explanation of how their Android app uses the permissions it requests points out, "find accounts" is also required for push notifications. Because that obviously makes sense. (I am not actually an Android developer, but from a little searching it looks like Yo's permissions map exactly to those that push requires.)

I know exactly nothing about how Yo actually manages user accounts, but I will bet anyone alive an Airbus A380 stuffed full of dollars that of Yo's supposed ~50,000 users, of the tiny fraction of those who actually looked at the permissions before they installed the app, the only ones who knew that "find accounts" enables push were Android developers themselves. Of course, it makes complete sense that an app whose intended purpose — or, well, declared purpose, anyway — is to send a single, fixed string literal from one mobile device to another would use push notifications for that (what else are you going to do, long polling?), but did anyone actually check that the code could only send that fixed string literal?

If I decompile the Yo .apk, am I going to find something that looks remarkably like:

static final String yo = "Yo";
// the message is a free parameter even though only one value is ever sent
void pushMessage(User user, String message) {
  somePushFramework.push(user, message);
}
pushMessage(user, yo);

The users can't check that, unless they're willing to learn how to use a Dalvik decompiler, and while I aspire to the eternally bright outlook where users heroically take the initiative to learn what their tools are really doing, I live in a world where I have had to make sure that unnecessary abstractions like this do not make it into production code. Except in this case it wasn't "there exists a function that can be hijacked to send an arbitrary message," it was "there exists a function that can be hijacked to set an arbitrary environment variable to an arbitrary value." If that doesn't keep you awake at night, you probably shouldn't be writing software. Or funding it. If you are funding it, though, you should really have someone looking at the code who is kept awake at night by bad architecture.
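As an added illustration (not Yo's code, nor anything decompiled from it; the push framework interface and every class and method name are assumed), here is that over-general shape beside one that can only ever send the declared literal, plus a guard at the transport boundary that counts anything else so it can be surfaced in monitoring:

```java
import java.util.ArrayList;
import java.util.List;

// Constructed stand-in for a push framework; not any real SDK's API.
interface PushFramework {
    void push(String userId, String payload);
}

// The shape from the post: the message is a free parameter, so any code
// path that reaches pushMessage() can send an arbitrary string.
final class LooseYoSender {
    static final String YO = "Yo";
    private final PushFramework push;
    LooseYoSender(PushFramework push) { this.push = push; }

    void pushMessage(String userId, String message) {
        push.push(userId, message);      // nothing constrains message to "Yo"
    }
}

// Hardened shape: the only message the app knows how to send is the one it
// declares. There is no String parameter to hijack; the "send an arbitrary
// message" function cannot be written against this API.
enum YoMessage {
    YO("Yo");
    final String wire;
    YoMessage(String wire) { this.wire = wire; }
}

final class StrictYoSender {
    private final PushFramework push;
    StrictYoSender(PushFramework push) { this.push = push; }

    void pushYo(String userId) {
        push.push(userId, YoMessage.YO.wire);
    }
}

// Defence in depth at the boundary: even if some other code path calls the
// framework directly, only the declared literal goes out, and every rejected
// payload is counted (a real app would log or alert on it).
final class GuardedPush implements PushFramework {
    private final List<String> sent = new ArrayList<>();
    private int rejected = 0;

    @Override
    public void push(String userId, String payload) {
        if (!YoMessage.YO.wire.equals(payload)) {
            rejected++;
            return;
        }
        sent.add(userId + ":" + payload);
    }
    List<String> sent() { return sent; }
    int rejected() { return rejected; }
}

public class YoDemo {
    public static void main(String[] args) {
        GuardedPush transport = new GuardedPush();

        // Loose API: the "Yo" literal is a default, not a constraint.
        LooseYoSender loose = new LooseYoSender(transport);
        loose.pushMessage("alice", LooseYoSender.YO);
        loose.pushMessage("alice", "not Yo at all");   // compiles; the guard rejects it

        // Strict API: there is no way to express any other message.
        StrictYoSender strict = new StrictYoSender(transport);
        strict.pushYo("bob");
        // strict.pushYo("bob", "anything");           // does not compile: no such method

        System.out.println("sent=" + transport.sent() + " rejected=" + transport.rejected());
    }
}
```

The point is the one Hoare makes in the epigraph: the strict sender is obviously free of the "arbitrary message" deficiency because the type makes it inexpressible, whereas the loose one merely has no obvious deficiency until someone reads the whole call graph.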

How Yo got from enabling push notifications to leaking phone numbers I genuinely do not know. If I had to guess broadly, I'd go with thoughtless endpoint API design, which is a rant all by itself, and yet another argument for careful architectural review. I don't have much insight into how funders make decisions, but I have picked up a fair amount of understanding over the years about how software defies people's expectations of banality, and if you are not looking at how the software you are thinking about funding might unintentionally carry out something other than the intentions of its user, then you are not thinking about one of the ways in which you are exposing yourself to liability.

Edit: Like I said, I don't follow this shit obsessively, so I completely missed Marc Andreessen almost getting the point but missing it spectacularly at the last second:

No, Marc. Those Georgia Tech kids proved by construction that Yo, in the instantiation that attracted it ~50,000 users and over a million dollars, communicates way more than a single bit. That a seasoned investor would see the potential for one-bit apps (which there most certainly is, and he gets that), but not temper that vision by at least acknowledging the potential for a gap between intention and implementation, is troubling. That any investors went so far as to throw seven figures at this project, apparently without investigating that gap, is insanity.

[1] There is an argument to be made here about undefined behaviour in programming language semantics and why it shouldn't ever be allowed, since technically speaking, a diabolical C compiler writer who decides that the semantics of attempting to modify a string literal or divide an integer by zero should be rm -rf / is not wrong, but that particular framing of said argument is pretty hyperbolic.
Tom Servo: Are you boys cooking up there?
Mike: No.
Tom Servo: Are you building an interociter?
Mike: No!

— Mystery Science Theater 3000: The Movie

If I had to sum up my life as an algorithm that can be expressed in one sentence, a good approximation might be "if it isn't working, try something else." I spent six and a half years in undergrad, for instance, bouncing from major to major like a robot turtle rebounding off obstacles, every time a course of study stopped being interesting, until I stumbled into linguistics looking for an easy upper-division English credit and found the interest-fueled momentum to graduate. My whole career has been like this, really. I can pretend, and on my resume I do pretend, that there's a coherent trajectory behind it all, but the farthest out any of it was planned was maybe fifteen months and that's because I deferred grad school by a year. (Also, if you think the coherent trajectory depicted on anyone's resume was intended, now you have been disabused of that notion. You're welcome.)

Having an operating principle like this means having, and constantly refining, a reliable sense of what "working" means and looks like. In day-to-day life this sense is fuzzy and subjective and took an awful lot of head-on wall collisions to develop into a robot turtle guidance system that mostly only glances off of obstacles these days. Contexts where it's possible to determine, objectively, a yes-or-no answer to some decision problem are outliers. They're really nice outliers, and I like them a lot, because the hardest thing about "solving" most kinds of problems isn't the work itself, but the uncertainty of not knowing whether or how your solution is going to fail on you. You might be able to make peace with the natural evils of flood and Halt and Catch Fire[1], but even an honest mistake is a kind of inaction -- the kind you train and improve your whole career to be able to avoid. Any situation where you can determine, with no uncertainty whatsoever, that an alternative is the correct or incorrect one is a refuge.

So that works well for some problems at the individual-problem scale, but back out even just a little beyond that and uncertainty floods in around the edges. Decidable problems are priceless; for everything else, there's pattern-matching. (And when that inevitably fails, there's MasterCard.) Most "is it working or not?" decisions I run into are ones I can only pattern-match about. There are so many ways that heuristic decision-making can fail that inevitably some edge case will present itself clearly enough that the scale tips in the "not working" direction. The robot turtle casts about randomly -- or, more realistically, casts about according to some learned casting-about heuristic -- and then goes ambling along its robot turtle way. In our case, we looked for problems that lent themselves to the tools we were learning to trust, and hopped from one to the next to the next.

It's a little startling at first to look back and realise that the robot turtle has been hopping along for the last few years with very little course correction because it keeps not being obviously wrong. Of course, langsec so far has mostly kept itself to syntax and those parts of semantics that syntax can constrain, and syntax is decidable. That's starting to change. Not the decidability of syntax, I mean, the scope of langsec. I even think it's a scope expansion that Len expected:
I believe that usability is a security concern; systems that do not pay close attention to the human interaction factors involved risk failing to provide security by failing to attract users.

Usability has been the bête noire of security tools since the beginning of security tools: the sheer number of potential adversaries, the broad differences in scope of their capabilities, and the wealth of strategies (some time-tested, some showing their age, some deprecated but still hanging on in legacy APIs, and some as yet unproven) for countering them means there are no one-size-fits-all tools, only tools that apply in a given context and tools that don't. Tens of thousands of hours go into the design, peer review, implementation, and implementation review of crypto libraries and the applications that use them, yet end-to-end-encrypted instant messaging is only just now coming to Facebook via a third-party plugin. OTR has been available in open-source clients for years, but the fraction of IM users who use these clients is vanishingly small compared to the crushing volume of Facebook. Getting realtime browser-to-browser instant messaging right is hard enough even when you're Facebook. The wealth of browser platforms (and platform versions) out there does not help the situation one bit, and if you want to provide end-to-end encryption in the browser, that's a problem you have to charge head-on. And when your business model is "moar users," fucking up your usability (or the usability goodwill you've developed over time) is Not Done. First they'd have to figure out what security properties they wanted to add to Messenger, then they'd have to work out a protocol that provides those properties, there'd be tons of cross-browser issues to work out, and they still wouldn't hit the mark because browser delivery of end-to-end encryption software doesn't protect the user from whoever's doing the delivering. That's a design issue that goes right to the metal of the browser, and I'll go so far as to argue that a lot of that is because crypto APIs are terrible. Yes, the ones your browser uses the linker for.

The problem cuts that deep for the inverse of the reason that Facebook is conservative about UX: cryptographers are conservative about correctness, because their jobs rely on it. It's not that security and usability are incompatible, it's that people who care more about security are more motivated to do security things and people who care more about usability are more motivated to do usability things. But when the access patterns of software languages and libraries make it easy for the developers who use them to model their intentions, and the design elements and interaction patterns of interfaces make it easy for their users to express their intentions to the software (and those models agree where they meet up) —
And every phrase
And sentence that is right (where every word is at home,
Taking its place to support the others,
The word neither diffident nor ostentatious,
An easy commerce of the old and the new,
The common word exact without vulgarity,
The formal word precise but not pedantic,
The complete consort dancing together

— T.S. Eliot, "Little Gidding"

— the result is disruptive in ways with the potential to rock far-away foundations.

Justin Troutman recently contacted me to let me know that he's looking to meet up with people interested in the boundaries of competence between UX and crypto at HOPE X this summer. (I am assured by a reliable source that the keynote will be amazing. I can't make it, but you should go.) This is in preparation for a Much Bigger Thing to come, which I do not know how much I can speak publicly about yet, but I think it is pretty fair to say that Justin and I are looking at this problem in compatible ways and I think he's putting together a big step toward bridging the conceptual gaps that make Caring About the Opposite Problem(tm) hard.

Our first official academic workshop is tomorrow, at the conference Len always desperately wanted to get a paper into. We're a real little field now. C'mon, robot turtle, let's go try our hands at some even bigger problems.

[1] Okay, HCF isn't really a natural evil, but the joke wrote itself.

We are in the process of securing a full-depth, 1m80cm tall rack for the flat. It may be possible to squeeze it in the laundry room behind the dryer, although Tom is more of a mind to put it next to the refrigerator, as they're about the same height and it will get better airflow that way.

This will provide a home for thequux's massive collection of vintage hardware, which does not yet contain a LISP Machine, but once we get the VAXen racked let's talk. Power management for this project should be fun, since I don't think we intend to leave these machines on all the time, as that would be loud and expensive -- admittedly once we replace the old 110V power supplies with modern, more efficient 220V ones, power consumption will go down, but the Sun 2 doesn't need to be on all the time -- but it would still be nice to be able to spin machines up or down easily and also remotely. Part of the goal here is to have the world's most baroque malware disassembly lab; I am consumed by the mental image of BadBIOS waking up on an Alpha and mumbling "where am I and who the hell did I go home with last night?"

Incident to all of this is that I have actually made enough headway on the mountain of boxes that has been the front half of my (very open plan) living room for the last year-plus to do something about the rackable boxen. For much of that time I have not actually been here, but now that my life is actually kind of settling down again it is long past time to finish goddamn unpacking. With that in mind, there will probably be progress photos as I get the library / atelier together. (Over the weekend I started an experiment in using bookcases as room dividers; once I have another pair of bookcases, it will also be an experiment in using the ends of bookcases as tool storage. Conveniently I have guidance from an expert in the practise of Billy-based interior remodeling; these are not going to be load-bearing walls, but frankly neither are most of the interior walls here and they're going to be anchored to the concrete wall to which they are at right angles once I find my masonry bits. Maybe the floor too, since it's also concrete.)

Anyway, back to work. Still here, therefore still invincible.

A writing insight

Before using a simile in persuasive writing, think of a story about only the object of the simile, such that the narrative makes the subject of the simile self-evident. Like a fable.

Truth is stranger than fiction because fiction has to make sense.
