The magic alphabet, the mysterious hieroglyph, come[s] to us only
in an incomplete and garbled form, garbled either by the passage
of time or by those with a vested interest in our ignorance;
should we retrieve the letter which has been lost or the sign
which has been effaced, should we reconstruct the dissonant
scale, we shall regain our authority in the world of the mind.
(Gérard de Nerval
(quoted by Paul Eluard, Poésie involontaire et
poésie intentionnelle (quoted in
Metagraphs to Georges Perec, A Void (trans.
Gilbert Adair))))
"Poésie involontaire" is all over the place; I'm sure the
Oulipo would have been thrilled by
Danny's haiku
discoverer, and much else computers have done for our
understanding and enjoyment of language.
I was trying to remember who wrote
not ... by his pure morals, or excellent example merely -- but in a
mysterious manner
by way of taking his religion seriously, and it turns out that it
was S. T. Coleridge. (Coleridge was writing about how he believed
Jesus had saved him.)
I thought of this quotation because I was thinking about how people
like to be polite to one another. When one person has a
strongly-held belief, especially about the efficacy of (let's say)
a method of salvation, or perhaps a political or ethical doctrine,
a second person, wanting to be polite, will often say, well,
your religious leader was a great teacher, or your
doctrine is a source of much inspiration. And in the
hard-core old-school no-holds-barred old-fashioned whole-hearted
style of believing things, that kind of politeness doesn't get
you very far.
It's definitely more conducive to friendly co-existence. For
example, when I was growing up, we tended to hear in Hebrew
school that Jesus of Nazareth (not, of course, Christos)
was a great teacher. In fact, this is a pretty
conventional position among non-Christians living around
Christian culture. (Take a look through J. D. Salinger's
Franny and Zooey, and so on!)
I remember that C. S. Lewis spent a long time attacking the
argument that Jesus was a great moral teacher. In fact, that
was the whole point of the "Trilemma" argument, to undermine
the respectability of the middle position or moderate position,
in favor of a more extreme view. So Lewis was contending with
a lot of liberals who were repelled by things like the
symbolum
Nicenum and had come to feel comfortable with the "great
teacher" position. And he attacked that position mercilessly.
But that view, what Coleridge calls Jesus's "excellent example",
was already fairly old in Coleridge's day. Deistic and skeptical
writers had been attacking the supernatural elements of Christian
stories for a hundred years. Very few of them suggested that
Jesus was a bad guy. Instead, they typically said that what
Jesus had to say was true and useful to humanity, and could
be separated from the supernatural and theological dogmas
which had grown up around them. (It was very important to C. S.
Lewis to maintain that Jesus himself was responsible for making
certain supernatural claims for himself, because then anybody who
denied those claims would presumably be calling Jesus a "Liar"
or a "Lunatic", which is to say, approximately, a bad guy, or an
untrustworthy guy. So Lewis particularly tries to avoid any
separation of Jesus's "moral" message from his (largely Johannine,
not synoptic) theological claims.)
These days, I'm hearing similar vague praise of Islam from
non-Muslims, that Islam contains useful moral lessons and
that Mohammed was a great teacher. In some sense, this
is a way to avoid giving offense, but it's still far off from
Muslims' practice of considering Mohammed a prophet of God.
One thing I notice is that only a tiny percentage of people who
call doctrines they don't believe inspirational will spend any
significant amount of time studying them for inspiration. Hebrew
school students who are told that Jesus was a great moral
teacher (with "pure morals" and an "excellent example merely")
aren't usually encouraged to go out and read gospels. How many
people who've praised any tradition foreign to them have actually
made themselves familiar with it in detail?
Is there a better way for people who think that something is
effective "in a mysterious manner" (as Coleridge thought of
Jesus, and as many other people are wont to think of other
things) to talk to people who don't think so, or who haven't
shared that experience?
Somehow a whole year has gone by since I started working at EFF,
back in August 2001.
So, that Barney vs. Wil Wheaton fight on Thursday was great fun,
and was recorded on lots of media by lots of attendees.
If you've got a QuickTime player, don't miss the
Barney
videos shot by Paul Weinstein. The NBC News coverage is
great fun. It even briefly shows Kieran and Mae Ling.
You can also see Wil grabbing Barney by the tail and swinging
him around. (I'm still waiting for a movie of Wil leaping over
Barney's light saber.)
(Note, re the NBC story, that EFF was not involved with the Rio
lawsuit (RIAA vs. Diamond Multimedia); that was defended by Andrew
Bridges of WSGR. Also, EFF does not expect to be sued in connection
with our ridicule of Barney this past Thursday.)
The DNA Lounge
also has
its own pictures, which are very nice, and I've seen pictures
published on-line at a couple of other sites.
I skinned my knee in a pre-benefit light-saber duel with John
Gilmore. One thing I did not expect to do when I moved out to
California was skin my knee fighting John Gilmore. But he's
rather dextrous, and I could only get away by doing a full-body
roll beneath a chain. Evildoers, beware!
In
an earlier diary entry,
I suggested that Palladium-based DRM
implementations aren't looking so hot for publishers, because
they can be defeated by a hardware attack which supposedly
costs under $100 and requires little more expertise than current
attacks against software-only DRM.
Fred von Lohmann explained why Palladium DRM would still be a good
proposition for publishers, even if these assumptions were
correct: publishers would get "a $100 hardware hurdle for the
average couch potato". Fred thought that that kind of expense
(and the effort of physically installing a mod-chip-style device)
would eliminate 90% to 99% of the attackers who would be willing
to attack DRM with software they could download from the
Internet. He also claimed that, statistically, practically no
computers users ever open their computers at all.
So the suggestion is that, if you think statistically, a $100
barrier is an extremely effective security measure, especially
when you compare it to the (amortized) barrier of approximately
$0 -- in the long run -- for defeating all extant software DRM
schemes.
This again shows how DRM's security model is very different from
traditional security (although Schneier seems to suggest that
that, too, is a matter of costs traded off against benefits).
In traditional security, if you heard that a $100 technology,
the means of constructing which were well-known to everyone
skilled in the art, and schematics for which had been openly
published, could defeat your security, you would probably not
want to claim that you were secure. In the DRM world, this
may be considered a reasonable risk, because the measure is
still guaranteed to be effective against most attackers.
Yes, there. Now I've articulated a specific difference. In
regular security, if any attacker succeeds, the security measure
has failed. (Schneier, infra, will worry about
how "well" it fails, but read that article.) In DRM security,
if fewer than n% of attackers succeed, the security measure is
good enough, and is satisfactory.
A strange paradox resulting from this is that the discovery
publication of a practical and effective exploit against a system
may not affect the system's "security" according to this
definition! (If the exploit isn't appealing and easy and cheap
enough for n% of attackers to use it, it will be deemed not to
matter, even though any individual attacker is in principle
able to use it at any time.)
A corollary of this is that you can create a system and publish
your own exploits against your own system in advance (and not
patch against them), and your system may still potentially be
"secure". That is counterintuitive.
Michelle and Sarah visited me. (Sarah is Michelle's cousin.)
Michelle made use of
Craigslist
to buy a laptop, which looks like a
nice laptop for a reasonable price (especially because it came with
a Zip drive and a CD-RW drive). It was manufactured by
Sharp, one of the BPDG
dissenters (yay BPDG dissenters!). I currently need spare network
adapters (100baseTX, 802.11b) and a modem, all in PCMCIA form factor,
for Michelle.
I had a horribly complicated and very emotional dream on Saturday
which involved being back in Massachusetts. It seemed to have gone on
for hours, considering the number of topics touched upon, but I'm never
sure how dream time and wall-clock time interact.
On the following night, I had a vivid nightmare in which I was a
character in an action movie. it was a spy movie in which a bunch of
technically-proficient former employees of an evil organization had
to figure out how to break into that organization's lab (using their
knowledge and perhaps their old access codes and tokens) in order to
do something -- I think sabotage the lab's project.
I assumed that the effort would turn out all right because I had some
kind of sense that I was in a movie and that movies always turn out
all right, but I didn't know how it would work out. So I was
one of the team which had to break in, and we were sitting around
in some kind of camp we'd set up in a building on the outskirts of
the lab compound we had to break into, arguing about technical issues
related to how we would break in. One of the problems was that we had
to acquire several objects without alerting the guards.
So at a certain point, I picked up one of the objects, and all of the
other people there became angry at me, because that object had been
alarmed, and they'd all known it and I hadn't. And the alarm went off,
and I figured there would be a chase scene, but instead all of the
guards showed up and captured us. So then I figured there would be a
clever escape scene, but there wasn't, and instead a representative
of the evil organization showed up, threatened us, and then put us into
a scary "biometric-destroying machine". The idea of this machine was
that it would physically reconfigure every aspect of each of our
bodies which might have served as a biometric identifier, so that none
of us could use any part of our bodies in the future to establish
our identities. (Apparently some of our biometrics were still listed
as "trusted" in the databases of various organizations, and the
solution they'd decided on was not to delete our biometrics from the
databases but to delete our biometrics from our bodies.)
The representative told us that the biometric-destroying machine didn't
hurt, but none of us believed her.
As it turned out, the machine didn't hurt, but we were inside of it
for several hours, and it was scary because all of our physical
appearances changed somewhat, because the lengths of our bones were
altered slightly! When we came out of the machine, none of us looked
quite the way we had before, and it turned out that the movie was
over, and had had a happy ending, but for a completely different
reason, thanks to a different plot involving the actions of
other characters. In other words, we weren't (as we had believed
ourselves to be) the heroes of the movie; it was OK for the plot of
the movie that we had been captured, because the success of our plan
was superfluous in the end. So we were free and the movie had a
happy ending, but all of our biometrics had been altered.
Nick and Duncan continued in their quest to get me set up
with a DEC Multia running Linux. The Multia is a famous
machine which DEC produced as a desktop workstation with an
Alpha CPU. They were amazingly cheap after a little while,
frequently available for free. (But I, paraphrasing Jamie
Zawinski, said that "Multias are only free if your time has
no value".)
Multias look something like this:
(image from
http://www.omroep.nl/nps/radio/supplement/99/0426/gfx/multia.jpg)
Oh, wait. That's a different kind of machine called a Multia. Actual
DEC Multias are somewhat smaller...
The Multia is famous for having a 64-bit CPU on a workstation, which
was relatively unusual when the Multia came out and is still unfamiliar
to PC users. One of the cool things was the 64-bit time_t under Linux,
so that GNU date could calculate the day of the week for an extremely
long period of time into the future. (It's probably not right, because
there will probably be a different number of leap days than the current
formulas predict.)
These are funny!
Duncan: Do you have a SCSI cable?
Seth: I haven't discovered SCSI yet.
Nick: "Your scientists are currently researching SCSI."
Also:
Seth: Long live 64-bit time_t!
Nick: You mean long long live 64-bit time_t!
In Berkeley, I was asked how I would protect people if I were a safety
officer. I took out a book and brought it down in a series of four
chops, shouting "Don't! Commit! Rights! Violations!". Well, it
was funny if you were there.
Nick persuaded me to install Debian on this iBook, so I wiped out MacOS
completely, and now it's Debian all the way. I've never installed
Debian onto a non-Intel machine, but I was surprised at how
straightforward it was. The AirPort card and the sound card are
supported; XFree86 runs (at only 800x600, alas), and I've got
OpenSSH, sniffers, Mozilla, gcc, and all sorts of other good stuff --
probably comparable to what I'd have under MacOS X, but here I can
apt-get source anything which strikes my fancy.
Having an iBook running Debian impresses people, somehow; they see
it as incongruous, and they see it as hard-core. Some people are
disturbed by it. Others didn't know it was possible.
Because Debian is a complete Operating System, the installation
procedure may seem a bit unusual.
(debian/README.html)
Via Electrolite,
there is a
fascinating
piece about Bruce Schneier, which talks about what security means,
and how Schneier became increasingly skeptical about the efficacy of
cryptography alone.
Gosh, but
Guy L.
Steele is clever.
I got a bit of an appreciation for what DJs do by watching
several DJs at work with vinyl LPs this week (at a party of Andrew's,
and at the DNA Lounge). I hadn't understood exactly what they
were doing until I got to see it up close; for example, I'd heard
of beat-matching before, but I didn't understand the theory. (DJs
are actually able to mix two songs together -- changing the phase
and tempo of both with their hands and their equipment -- in such a
way that the songs' rhythms blend together and the transition is
almost imperceptible. That's one of their tricks, and there are
others.) So obviously modern art forms and disciplines are being
created which couldn't have existed before, and human beings are
still constantly showing off their skill and especially their
versatility.
(I knew what a cross-fader was, I owned a cross-fader, I'd even
used a cross-fader both at a party and on a live radio program,
but I never heard the full potential of the cross-fader until just
this week... and perhaps I still haven't.)
John Young is getting some
strong responses
for publishing the names of secret agents (something he's done
repeatedly in the past, but which this time was the subject of
some press coverage). The reactions are including death threats.
This article is meaningless,
and I thought so even before I saw it linked from slashdot. Doesn't
anybody have anything real to say about Linux and business and
the free software movement?
You can get
official
information about China in Esperanto.
You can also get (not in Esperanto, but in English)
Shakespearean apocrypha, including such texts as
Arden of Feversham,
The Merry Devill of Edmonton, and
The Tragedy of Locrine.
[Main]
Contact: Seth David Schoen
