I had my foot x-rayed today, and the radiologist and doctor who
examined the x-rays said I had no broken bones. (For those of
you who don't remember, a car ran over my left foot yesterday.)
I feel fortunate, and I hope I'll be able to walk normally
again soon.
Jonathan Walther wrote to
ask me an interesting question about the area of a Möbius strip.
I've been having a debate with a friend about how to calculate the area
of a moebius strip, where the moebius strip is constructed by taking a
1" by 10" area, twisting it, and joining the ends.
I have been maintaining that the area remains the same; that is, 10
square inches. My friend insists it is 20 square inches.
After discussion with my friend it became apparent that our different
calculations came from our having different concepts of "area". He used
a strip of paper to "illustrate" the moebius strip, and I feel this gave
him erroneous intuition in this case.
My observation was that if you did make the strip from paper, you
would need 20 sq. in. of paint in order to paint the whole thing.
If you used 10 sq. in. of paint, you would have 10 sq. in. of
surface unpainted.
However, Jonathan argues that this is a misinterpretation if the
Möbius strip is seen as having zero thickness, because then
points on one "side" are actually identical with the corresponding
points on the "other side". He suggests that, on a zero-thickness
strip, you can go only 10" before you return to your starting point.
(On a strip made of paper with non-zero thickness, you must go
20" before returning to your starting point.)
Does anybody have a view to clarify this? It does just seem like a
question of how to define surface area, but maybe there is a
particular definition of "surface area" or "Möbius strip"
which is somehow preferable.
(Normally you deal with areas in a plane, and the definition is easier.
Is there something handy from multivariate calculus here?)
Five people came from Microsoft
to meet with us on Tuesday about Palladium. It was very interesting.
"Sealed storage" is a very technically clever idea. Some of the
subtleties hit me only after the meeting. Basically, you have a
hardware co-processor within a machine which contains some unique
secret symmetric key (not known to anybody other than the co-processor).
Call this s. Also assume that the co-processor is able to take a
hash h of whatever kernel k is running on the ordinary CPU. (In
Palladium this is actually something called a "nub" -- in their
marketing materials a "Trusted Operating Root" or "TOR" -- but we
can pretend it's the OS kernel instead.)
The co-processor provides two functions, c=SEAL(p) and
p=UNSEAL(c). Within the co-processor, SEAL is implemented
approximately as aes_encrypt(s+h, p), and UNSEAL approximately
as aes_decrypt(s+h, c). (I am simplifying and eliding many
details; the real implementation is more complex and provides
several additional features.)
The interesting consequence of this is that any program
running on the system can call into the coprocessor and
ask the coprocessor to encrypt or decrypt arbitrary data.
(Actually, usually just a symmetric key for data, not the data
itself, but we'll pretend it's the data.) The coprocessor
by its very nature can successfully decrypt whatever
it has previously encrypted, but only if the encryption
was performed on the same machine while the same kernel k
was running! If the decryption is attempted on a different
PC (which has a different secret key s), or even on the same PC
while running a different or modified operating system, the
decryption routine will fail to decrypt the data. Thus, a
program is able to say "encrypt this so that it can only be
decrypted by a process running on the current machine under
the currently-running operating system kernel". And the
program can have confidence that the encryption occurs in an
unobservable way and that the resulting encrypted data can
be safely stored in an untrusted medium, because it will never
be possible to decrypt it except upon request of software
running in an identical environment.
I feel that I'm not quite doing justice to this clever technique,
partly because I'm omitting some details, and partly because I
haven't actually described the rest of the environment (how the
coprocessor fits into the rest of the system, how and when
the hash of the kernel is taken, how the coprocessor knows that
the hash of the kernel is accurate, etc.).
But one interesting consequence of this idea is that you can
actually have software which can be open source and runs on an
ordinary PC and yet can store information locally on a hard
drive in a way that the PC's owner (or somebody who steals the
hard drive) can't use or transfer the information except
according to a policy specified within the software. This can
be the case even though the owner of the PC is able to examine
and modify the software, and even to reboot the machine in
single-user mode, and run debuggers and emulators and so on.
There is no security-through-obscurity necessary, although
there are still certain physical security assumptions
involved (the user can't arbitrarily read or modify the contents
of the coprocessor or certain other parts of the PC's hardware).
Think about this: if you move the file (and, if you like, the
entire software operating environment!) to another PC, the
application can no longer decrypt the file. If you modify the
operating system (which you are able to do), the application
can no longer decrypt the file. If you run a different operating
system (which you are able to do), the application can no
longer decrypt the file. If you modify the application (which
you are able to do), the application can no longer decrypt
the file. This is a technically impressive capability! After
the meeting, I kept realizing more and more interesting features
of this design.
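A toy model of the SEAL/UNSEAL behaviour described above, following the nonce and nub-identifier layout given in the meeting summary further down this page. This is an added example, not Microsoft's code or API: the names ToySCP, nub_identifier and try_unseal are hypothetical, the nonce length is an assumption, and because Python's standard library has no AES, a deterministic HMAC-SHA256 keystream with an HMAC tag stands in for AES in CBC mode.

```python
import hashlib
import hmac
import os

NUB_ID_LEN = 20  # 160-bit SHA-1 nub identifier, as on the page
NONCE_LEN = 16   # assumption: the page does not give a nonce size
TAG_LEN = 32     # HMAC-SHA256 output, used here to detect a wrong key


class UnsealError(Exception):
    """Raised when the toy SCP refuses to release sealed data."""


def nub_identifier(nub_image: bytes) -> bytes:
    """SHA-1 of the loaded nub, the value held in the PCR."""
    return hashlib.sha1(nub_image).digest()


class ToySCP:
    """Hypothetical co-processor model; one instance stands for one machine."""

    def __init__(self) -> None:
        platform_key = os.urandom(32)  # unique per machine, never exported
        self._enc_key = hmac.new(platform_key, b"enc", hashlib.sha256).digest()
        self._mac_key = hmac.new(platform_key, b"mac", hashlib.sha256).digest()
        self._pcr = None  # empty until an authenticated boot

    def authenticated_boot(self, nub_image: bytes) -> None:
        """Record the hash of the nub that was just loaded."""
        self._pcr = nub_identifier(nub_image)

    def _keystream(self, seed: bytes, length: int) -> bytes:
        blocks = []
        for counter in range((length + 31) // 32):
            msg = seed + counter.to_bytes(4, "big")
            blocks.append(hmac.new(self._enc_key, msg, hashlib.sha256).digest())
        return b"".join(blocks)[:length]

    def seal(self, data: bytes, nub_id: bytes, with_nonce: bool = True) -> bytes:
        """Encrypt nonce || nub_id || data under the platform key."""
        if len(nub_id) != NUB_ID_LEN:
            raise ValueError("nub identifier must be 160 bits")
        # with_nonce=False exists only to show why the nonce matters.
        nonce = os.urandom(NONCE_LEN) if with_nonce else bytes(NONCE_LEN)
        plaintext = nonce + nub_id + data
        tag = hmac.new(self._mac_key, plaintext, hashlib.sha256).digest()
        stream = self._keystream(tag, len(plaintext))
        return tag + bytes(a ^ b for a, b in zip(plaintext, stream))

    def unseal(self, sealed: bytes) -> bytes:
        """Decrypt, then release the data only if the PCR matches."""
        if self._pcr is None:
            raise UnsealError("not booted in trusted mode")
        if len(sealed) < TAG_LEN + NONCE_LEN + NUB_ID_LEN:
            raise UnsealError("sealed blob too short")
        tag, body = sealed[:TAG_LEN], sealed[TAG_LEN:]
        stream = self._keystream(tag, len(body))
        plaintext = bytes(a ^ b for a, b in zip(body, stream))
        expected = hmac.new(self._mac_key, plaintext, hashlib.sha256).digest()
        # First check: only the sealing machine's key reproduces the tag.
        if not hmac.compare_digest(tag, expected):
            raise UnsealError("decryption failed: other machine or altered data")
        # Second check: the embedded nub identifier must equal the PCR.
        nub_id = plaintext[NONCE_LEN:NONCE_LEN + NUB_ID_LEN]
        if not hmac.compare_digest(nub_id, self._pcr):
            raise UnsealError("running nub is not the one the data was sealed for")
        return plaintext[NONCE_LEN + NUB_ID_LEN:]  # the nonce is discarded


def try_unseal(scp: ToySCP, sealed: bytes):
    """Return the plaintext, or a string saying why the SCP refused."""
    try:
        return scp.unseal(sealed)
    except UnsealError as exc:
        return f"refused: {exc}"


if __name__ == "__main__":
    nub_a = b"constructed nub image A"  # constructed sample inputs
    nub_b = b"constructed nub image B, debugger-friendly"
    pc1, pc2 = ToySCP(), ToySCP()
    pc1.authenticated_boot(nub_a)
    blob = pc1.seal(b"secret", nub_identifier(nub_a))
    print(try_unseal(pc1, blob))   # same machine, same nub
    pc2.authenticated_boot(nub_a)
    print(try_unseal(pc2, blob))   # same nub, different machine
    pc1.authenticated_boot(nub_b)  # reboot the first machine under another nub
    print(try_unseal(pc1, blob))
```

Calling seal with with_nonce=False returns the same bytes every time for the same input, which is the persistent machine identifier the random nonce is there to prevent.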
Sealed storage is one part of Palladium, although not the whole
thing. It is one of the pieces which provide what we referred to
as "epistemology" for software running on a trusted system. How
can the software tell that it isn't running in a virtual machine,
an emulator, a debugger, a system call tracer, a deceptive
system-call tracer, a virtualized OS kernel, etc.?
It's been suggested that it's a good thing when software can't
tell, because end-users thereby acquire more control, or
reverse-engineering for interoperability and competition is
possible, or we can preserve computing history, or preserve
human culture. If software can tell, maybe we can't do these
things, because someone can try to make the software enforce a
policy against running under emulation.
Descartes was one of the early epistemologists to worry about
whether his sensory experience (what software calls input and
output) is real or merely emulated, although that concern goes
back to the very beginnings of philosophy and speculative
thought.
Plato's cave is one more ancient instance of this anxiety -- and
in some sense so is Chuang Tzu's "butterfly dream". Plato and
Descartes, wholly unlike Chuang Tzu, specifically imagine a conspiracy
on the part of a malignant intelligence. Shall we say that
Western philosophy is more paranoid than Eastern, that the Western
philosopher is always prepared to believe in the Adversary? In
Chuang Tzu, the deception is simply a result of a dream, and no
moral evil or ill will. But in Plato the victims of the deception
are actually "en tautêi ek paidôn ontas en desmois kai
ta skelê kai tous auchenas". Ouch! (Who would be so cruel
as to chain people in a cave beneath the earth and shackle them
since childhood, "ek paidôn"?) In Descartes we start
off with ordinary and harmless dreams:
Praeclare sane, tanquam non sim homo qui soleam
noctu dormire, & eadem omnia in somnis pati, vel etiam
interdum minus verisimilia, quam quae isti vigilantes.
Quam frequenter vero usitata ista, me hic esse, toga
vestiri, foco assidere, quis nocturna persuadet,
cum tamen positis vestibus iaceo inter strata!
Age ergo somniemus, nec particularia ista
vera sint, nos oculos aperire, caput movere, manus
extendere, nec forte etiam nos habere tales
manus, nec tales totum corpus [...]
But eventually, just a few paragraphs later, we come to possess
an infinitely powerful and intelligent adversary whose only
goal in life is to deceive us in the service of some terrible evil:
genium aliquem malignum, eundemque summe potentem & callidum,
omnem suam industriam in eo posuisse, ut me falleret
(!)
If you walked into a psychiatrist's office talking about the
genius malignus, summe potens et callidus, qui posuit omnem suam
industriam in eo, ut me falleret, wouldn't
you be diagnosed with paranoid schizophrenia, at least as long
as your psychiatrist understood Latin?
But it's a reasonable fear for an epistemologist, or for a computer
program. In the computer security world, there is an Adversary,
there is a Devil, summe potens et callidus...
Cory suggested that trusted computing initiatives (and their
technical features like sealed storage) occupy in security software's
epistemology the same position God and God's perfection occupied in
Descartes's epistemology.
Ut autem etiam illa tollatur, quamprimum occurret
occasio, examinare debeo an sit Deus, &, si sit,
an possit esse deceptor; hac enim re ignorata,
non videor de ulla alia plane certus esse unquam
posse.
(But so that this [problem] might also be removed, I should,
as soon as possible, examine whether there be a God, and, if
there be, whether he might be a deceiver; for, being ignorant
of this thing, I cannot appear to be able ever to be entirely certain
about anything else.)
It doesn't take Descartes very long:
In primis enim agnosco fieri non posse ut ille me
unquam fallat; in omni enim fallacia vel deceptione
aliquid imperfectionis reperitur [...] nec proinde
in Deum cadit.
(For in the beginning I perceive that it is impossible
that he should ever deceive me; for in every deceit or
deception there appears some sort of imperfection
[...] and [this] does not thereby fall to God.)
Cory says God's part here in the software's epistemology is things
like sealed storage, and the counterpart of God's perfection is
Microsoft's trustworthiness.
It was nice of the Microsoft folks to come down and talk with us;
I really enjoyed it, and I learned a lot about Palladium, not that
I have a clear assessment of whether Palladium is good or bad. We
met with them for about four hours, and I spent much of the rest of
the day digesting and talking to other people about those four hours.
And certainly there's a lot of sophistication there.
My foot continues to feel better. I think it's going to be back to
normal soon; today I was able to walk on it. I tried to scan the
x-rays with a regular scanner, but it didn't come out well. (I would
have posted a picture of the bones in my foot here if I'd been able
to.)
It's amazing how great things feel when you regain them again after
a long absence. Eating after fasting (or being unable to eat),
eating bread after observing Passover, recovering from an illness --
everything is sweeter and more beautiful by contrast with its
absence, and everything can be taken away, even things we couldn't
imagine we could ever lose. "E quindi uscimmo a riveder le stelle."
Janis Ian -- the musician -- says the RIAA is wrong about
copyright and the Internet, and makes a fairly detailed
argument. That's fun. I like her music, too!
Did anybody else notice they'd been reissued? I found some from
1999 in my change at the post office. I thought they were minted
in 1979 and that was it forever.
Congratulations to Steve Fossett on finishing his balloon flight
around the world!
It seems that another balloonist made an interesting ascent here
in San Francisco yesterday.
Leonard:
I didn't know you'd want to part with your slide rule!
My foot was run over roughly the same way your foot was run over. The
car which ran it over was stopped and it started, rolled over my foot,
and then stopped again.
I finished The Holy Sinner by Thomas Mann (which I
originally bought because of the Salter cover, judging a book
purely by its cover). The divine mercy recounted there
is wrenching.
Sterling:
Here's a good one: how the hell do you write a thriller novel in a
world that has cellphones? I happen to be writing a
thriller novel right now: in fact, I'm here researching
it, not that you'd ever guess. I'm not really here to
pontificate at you. I'm here to soak up your grand ideas
for use in fiction, because I need them even worse than
you do.
It's amazing how little technical room is left for
the customary cliches of a thriller novel, in this, our
modern, digitized, networked society. No more car chases
-- because I just use my cellphone and I call the cops in
the next town. No more gunfights in deserted warehouses
-- I just use my cellphone and I call the cops. No more
trailing the spy to his sinister lair -- I just use my
cellphone and I call up the cop's video monitors.
I was thinking about this after reading The Holy Sinner.
Much of the romance in writing set in earlier times comes from the
incredibly long journeys. One character goes on a pilgrimage.
Others go on quests. Typically, journeys take weeks and months.
Who nowadays in the industrialized world would take longer than a
weekend to get somewhere? My longest-ever trip was across the
continent by train: three nights and four days. Ordinarily, it
takes just a few hours. The folks who came to visit from Redmond
yesterday were no doubt back home in time for dinner.
Even using an automobile and stopping to sleep, you can cross this
continent in a week.
The only exception to the rapid-travel rule I can think of is
Wolfgang's walking trip. She walked to Oregon, and it took an
amount of time she could notice, and it was romantic or
educational or at least experiential as something she
noticed and lived and something which happened to her. But
walking to Oregon in a novel doesn't make sense for most of the
population. (Sure, not everybody has enough money to afford
plane tickets. But most people who can't afford plane tickets
also don't have months of spare time to walk to other states.)
The smaller world and the transportation-as-product industries do
eradicate entire plot elements connected with travel. You don't
have to find a good horse and a good map because there is a
company whose business model is getting you from one airport to
another for $200 with no intervention (but some identification)
on your part.
Travel is more anonymous in older stories because things are more
decentralized. When a person comes from another country, you
don't know anything about that person. (You don't have state-issued
ID, and you don't have credit bureaus, and you don't Google.) In
The Holy Sinner, Gregorius shows up and says he's a
knight, and other people ask him to prove he's a knight, so he
proves he's a knight by riding a horse and by fighting. He doesn't
have a "knight certificate", and he doesn't have any personal
or professional connections. (OK, he turns out to be the
illegitimate child of the ruler of that country, but nobody knows
that for several chapters more...)
Today, it's difficult to get from one place to another without
revealing (even possibly proving) your identity.
Amitai Etzioni thinks this is good.
But the Sterling-relevant thing here is not whether it's good or
bad but whether it affects writing literature, and I guess it
does, because travel and communications just don't seem to work
the way they used to, and that interferes with standard devices of
mystery and suspense.
Bruce Sterling also said something particularly funny in that
speech:
Ladies and gentlemen, yes, I know that THE MATRIX is
a sci-fi movie. In my game, you get the good stuff where
you find it, okay? I don't have to name-check sci-fi
movies up here. I could have stolen you something nice
and exciting from the many bright and accomplished people
at Microsoft Research and Development. I pay attention
to them, too. I know they're into stuff like a Sensory
Pocket PC that detects touch, tilt and motion; and
Chinese text-to-speech software that probably detects
Chinese piracy in real-time. So I tried that. I Googled
it. I surfed over to the Microsoft Research "Archived
Headlines", but since they are a modern computer company
instead of a big-budget science fiction movie, this is
what I got off their web page:
[Microsoft][SQL Server Driver] Invalid object name
'features'.
Drivers error '80040e37'
I decided to rebut the MPAA FAQ on the Broadcast Flag. What's
more, I decided to do it in relatively simple
and non-technical language. See how you think I did.
Cory says I wrote some nice detailed notes about Palladium.
Personally, I thought I wrote some nice detailed notes about
Descartes and some cursory notes about Palladium. :-)
I'm reminded of when I wrote about a Richard Dawkins speech
and Leonard said I'd summarized it. So let me actually try to
summarize most of our Microsoft meeting.
(I am omitting some "sensitive" material, but none of what I omit is
material which I think would embarrass Microsoft or expose it to
criticism. No part of the meeting was under an NDA or confidentiality
agreement.)
Please don't attribute anything below to Microsoft, e.g. in
a news article; instead, you should call them to confirm it. I'm
just giving my impressions and my understanding based on some
fairly sparse notes.
- Peter Biddle at Microsoft began thinking around 1997 about how to
protect his bits when they were on someone else's computer. (He
was Microsoft's representative at CPTWG and in the DVD-CCA, and
was somewhat skeptical of the technical efficacy of software-based
DRM.)
- His view, and the view of some of his colleagues, was that they
ultimately did not know how to enforce a policy for the use of
information when it was kept and used on somebody else's PC. The
PC platform did not seem to support this.
- In thinking about this, he decided that "a blob is a blob".
["Blob" is a database term for "binary large object", and
roughly means "file", "data structure", or "sequence of bits
whose internal structure is unanalyzed".] So, it was not
appropriate to think about protecting some bits more than others,
or enforcing some kinds of policies but not others. So the
protection of privacy was the same technical problem as the
protection of copyright, because in each case bits owned by
one party were being entrusted to another party and there was
an attempt to enforce a policy. Technologically, this could not
be done securely with software alone.
- It is hard to imagine how, in software alone, one part of the
functionality of a general-purpose operating system can be
protected from another part of the functionality of a
general-purpose operating system. The existing PC architecture
does not support this kind of compartmentalization. Consequently,
a virus could potentially access or capture any kind of data
(including very sensitive personally identifiable information,
financial and medical records, etc.), and redistribute it over a
network.
- Similarly, an emulator or debugger could be used to extract
copyrighted material and redistribute it or use it contrary to
policy.
- The view of some people working on Palladium is that it's
appropriate to create technology which would permit each
creator of any kind of digital information to set and
enforce any policy whatsoever for the use of that information.
(If you don't want to abide by the policy, you don't have to
accept the information.) There are various subtleties here and
some debate about public policy, but the basic assumption is
that you have a right to control, if you wish, how other people
will use bits you create.
- [Omit some discussion of business models, DRM, file sharing,
legislation, etc.]
- Microsoft does not have the desire or means to control
any information which is input into a computer via a
means beyond the scope of DRM or Palladium (in unencrypted
formats such as MP3), and intends to continue supporting such
formats.
- Microsoft employees have a broad variety of opinions on
legal and technical issues related to copyright enforcement.
The company's position is that the use of DRM should be
purely voluntary (in the sense in which the industry uses
that term; they do not have a public position that the DMCA's
anticircumvention provisions need to be modified).
- Microsoft wants to compete with proprietary platforms
which offer DRM [to publishers], such as proprietary consumer
electronics platforms. Microsoft believes that, if it did
not support DRM at all, it would be at a competitive
disadvantage relative to proprietary platforms which did.
- The Palladium architecture has been under development
since around 1997, and Microsoft holds or has filed for
some patents which cover portions of it. At least one of
the inventors of the Digital Rights Management Operating System
patent is working on
Palladium, although we did not discuss whether the DRM OS
patent is related to Palladium, whether Microsoft is writing
an operating system using the techniques disclosed in that
patent, or whether the DRM OS patent covers any parts of
Palladium.
- Palladium is distinct from TCPA and has technical
differences from TCPA. It has some architectural points
in common with TCPA, including, most significantly, the
use of "trusted hardware" within a PC in order to establish
a root of trust. Both TCPA and Palladium require modifications
to existing PC hardware architecture in order to work. In
addition, they both require modifications to software in order
to use trust features. Both are intended to run existing
"untrusted" software without any modifications.
- Palladium would, inter alia, add a new opcode and a
new operating mode to the CPU. A portion of the enforcement
resides within the CPU itself.
- Microsoft assumed as a design criterion for Palladium
that existing versions of Windows should be able to run on
a Palladium PC, as should existing Windows applications, as
should existing non-Windows operating systems like Linux.
There is no attempt to stop people from booting whatever
code they currently use or may write in the future. In
addition, the hardware trust features can potentially be used
by specially-adapted software, regardless of what operating
system is running. It is possible to imagine that a
Palladium-hardware-aware version of Linux could be created
and could make full use of Palladium's hardware features in
order to achieve trust comparable to the Windows implementation.
Microsoft is only writing an implementation for Windows, but
plans to publish all the technical details. (Microsoft has not
yet decided about patent policies or stated whether an operating
system which used Palladium hardware features would necessarily
infringe any of Microsoft's Palladium patents.)
- Microsoft, like chemists, calls Palladium "Pd" for short.
- I'm going to type ":abbr pd Palladium" in vi so that I can
stop typing "Palladium" all the time. Hooray for :abbr!
- The initial version of Palladium will require changes to five
parts of the PC's hardware. Changes will be required to the CPU,
the chipset (on the motherboard), the input devices (e.g.
keyboard), and the video output devices (graphics processor). In
addition, a new component must be added: a tamper-resistant
secure cryptographic co-processor, which Microsoft calls SCP or
SPP.
- Although the SCP is tamper-resistant, it is likely that a
skilled attacker with physical access to the inside of a
Palladium PC can still compromise it or subvert its policies in
some way. One possible attack is one I discussed with Ross
Anderson last week: you can replace the system RAM with special
RAM which allows its contents to be read or modified by an
external circuit.
- So it is possible that an attacker with physical access can
still compromise the system, even though the SCP is meant to be
tamper-resistant, partly because other components (like RAM)
are less robust against modification. Palladium primarily
defends effectively against two classes of attacks: (1) remote
network-mounted attacks (buffer overflows and other programming
flaws, malicious mobile code, etc.), because even if some
malicious code is installed in one part of the system, it still
can't effectively subvert the policy of another part of the
system, and (2) local software-based attacks, including things
like using a debugger to try to read a program's internal
state while it's executing or to try to subvert its policy.
Thus, Palladium can probably guarantee that you can't write or
download any software (and nobody else can write or upload to
you any software) which would compromise the policy of software
running locally which is making use of Palladium trust features.
- Although hardware attacks can work, they are probably not
portable from one machine to another. This is especially
interesting for users of DRM -- even though one user can launch
an expensive and successful attack, that user can't publish
an inexpensive software-based technique or HOWTO which would
enable others to reproduce this attack cheaply. (Cue reference
to Bunnie's X-BOX reverse engineering paper, where he suggests
that his inexpensive attack on the X-BOX can yield portable
techniques which can be used by others inexpensively, but that
the X-BOX could have been designed so that his attack
was not readily portable to other machines.)
- Palladium's changes to the CPU allow it to be placed into a
new mode where certain areas of memory are restricted via a
technique called "code curtaining" to an ultra-privileged piece
of code called the "nub" or "TOR". ("Nub" is the Palladium
team's term for this code, and "TOR", for "Trusted Operating
Root", is the official public term.) The nub is a kind of
trusted memory manager, which runs with more privilege than
an operating system kernel. The nub also manages access to
the SCP.
- The SCP is an 8-bit tamper-resistant cryptographic
smart-card which contains unique keys, including public
keypairs (2048-bit RSA), and symmetric keys for AES in CBC mode.
These keys are unique per machine and the SCP does not reveal
them to anything outside the SCP's security perimeter.
It also contains a variety of other cryptographic functionality,
including SHA-1, RSA, AES, and other cipher implementations,
a small amount of memory, and a monotone counter. The SCP can
do a number of cryptographic protocols. It also contains a
thing called a PCR. (I think that stands for "platform
configuration register".)
- When you want to start a Palladium PC in trusted mode (note
that it doesn't have to start in trusted mode, and,
from what Microsoft said, it sounds like you could even imagine
booting the same OS in either trusted or untrusted mode, based on
a user's choice at boot time), the system hardware performs
what's called an "authenticated boot", in which the system is
placed in a known state and a nub is loaded. A hash (I think
it's SHA-1) is taken of the nub which was just loaded, and
the 160-bit hash is stored unalterably in the PCR, and remains
there for as long as the system continues to operate in trusted
mode. Then the operating system kernel can boot, but the key
to the trust in the system is the authentication of the nub.
As long as the system is up, the SCP knows exactly which nub
is currently running; because of the way the CPU works, it is
not possible for any other software to modify the nub or its
memory or subvert the nub's policies. The nub is in some sense
in charge of the system at a low level, but it doesn't usually
do things which other software would notice unless it's asked to.
- Palladium's authenticated boot is simpler than TCPA's
version, because only a single hash (or "measurement", in
TCPA language) is taken. Palladium does not attempt to
"measure" the hardware, BIOS, boot loader, OS kernel, etc., or
at least not within the SCP. In TCPA, several separate
hashes will be taken and stored in secure registers.
- The nub interfaces with other software on the system by
means of programs (outside the nub) called trusted agents (or
TAs). The TAs can implement sophisticated policies and
authentication methods, where the nub (and SCP) just implement
fairly simple primitives. A TA can also communicate with
user-space programs (at least, that will be a feature of
Microsoft's nub; other people can write their own nubs which
can support different kinds of TAs or even do without TAs
entirely). The TAs are protected by hardware from one
another and from the rest of the system.
- Even PCI DMA can't read or write memory which has been
reserved to a nub's or TA's use (including the nub's or
TA's code). This memory is completely inaccessible and can
only be accessed indirectly through API calls. The chipset
on the motherboard is modified to enforce this sort of
restriction.
- The SCP provides a feature called "sealed storage" by means
of two API calls (called SEAL and UNSEAL). The Microsoft nub
provides more complicated wrappers around these calls; using the
Microsoft wrappers, you can have features like "migration
strategy" or "migration policy" (allowing at least three different
policies for how encrypted data can be moved from one machine to
another). If a TA running on a system in trusted mode wants to
use sealed storage, it can call into the APIs implemented in the
nub.
- Sealed storage is implemented by means of encryption (sealing)
or decryption (unsealing) with a symmetric cipher (probably AES in
CBC mode). When the SCP is given data to seal, it's given two
arguments: the data itself and a 160-bit "nub identifier" (which
is the SHA-1 hash of some nub and so uniquely identifies that nub).
- Sealing is performed by prepending the nub identifier to
the data to be sealed, and then encrypting the result with a
private symmetric key -- I want to call this the "platform-specific
key", which varies from machine to machine and is secret. (I don't
remember whether "platform-specific key" is Microsoft's term for
this.) That key is kept within the SCP and is a unique identifier
for the machine which performed the sealing operation.
- The SCP actually also prepends a random nonce to the data
to be sealed before encryption (and discards the nonce upon
decryption). This is a clever privacy feature which prevents
someone from creating an application which "cookies you" by
recording the output of sealing an empty string (and then using
the result as a persistent unique identifier for your machine).
A program which tried to "cookie you" this way would find that,
because of the random nonce, the result of sealing a given
string is constantly completely different, and no useful information
about the identity of the machine is revealed by the sealing
operation.
- After encryption, the SCP returns the encrypted result as
the return value of the SEAL operation.
- When an SCP is given encrypted data to UNSEAL, it internally
attempts to decrypt the encrypted data using its platform-specific
key. This means that, if the encrypted data was originally sealed
on a different machine, the UNSEAL operation will fail outright
immediately. (You can't take a sealed file and transfer it to
another machine and unseal it there; because the platform-specific
key is used for encryption and decryption, and can't be extracted
from the SCP, you can only UNSEAL data on the same machine on
which it was originally SEALed.)
- If the decryption is successful, the SCP performs a second
check: it examines the nub identifier which resides within the
decrypted data. The nub identifier was specified at the time
the data was originally SEALed, and indicates which nub is
allowed to receive the decrypted data. If the nub identifier
for the decrypted data is identical to the nub identifier which
is currently stored in the PCR (which is the SHA-1 hash of the
currently-running nub on the machine at the moment UNSEAL was
called), the UNSEAL is successful and the decrypted data is
returned to the calling nub. However, if the nub identifier
does not match the contents of the PCR, the SCP concludes that
the nub which is currently running is not entitled to
receive this data, and discards it.
- Thus, sealing is specific to a physical machine
and also specific to a nub. Data sealed on one
machine for a particular nub cannot be decrypted on a different
machine or under a different nub. An application which trusts
a particular nub (and is running under that nub) can seal important
secret data and then store the resulting sealed data safely on an
untrusted hard drive, or even send it over a network.
- If you reboot the machine under a debugger, there is no
technical problem, and you can debug the software which created
the encrypted file. However, since you aren't running the
proper (non-debugger-friendly) nub, the debugger will work,
but the UNSEAL call won't. The SCP will receive the UNSEAL
call, examine the PCR, and conclude that the currently-running
nub is not cleared (so to speak) to receive the sealed data.
Your applications can only decrypt sealed data if they are
running under the same machine and under the same
software environment within which they originally sealed
that data!
- This is remarkably clever. When you are running under a
trusted nub, your applications can use the SCP to decrypt and
process data, but you can't run software which subverts a
TA's policy (because the nub will not permit the policy to be
subverted).
- When you are not running under a trusted nub, you can run
software which subverts a TA's policy (because the nub isn't
able to prevent it), but your applications will no longer be
able to decrypt any sealed data, because the SCP won't be
willing to perform the decryption.
- There is a long discussion of how you can make a backup,
or upgrade your system, or migrate your software and data to
a new system, etc. The default with sealed storage is that
any sealed data will be unusable when migrated to a new
system. (Thus Ross Anderson mentioned that you can't easily
leak a document to a reporter, because if the document is
sealed for use only on your PC, the reporter's PC will be
unable to decrypt the document.)
- The Microsoft nub provides wrappers around the SCP's
sealing features which allow the software which performs
the sealing operation to specify a migration policy at the
time the sealing operation is originally performed. The
migration policy can be (approximately) one of the following,
at the software's sole option: (1) Migration is prevented
entirely, and the data must die with the current PC where
it was created. (2) Migration is permitted upon some
kind of authentication by a local user (e.g. a password)
which will decrypt or command the decryption of data
temporarily in order to permit it to be migrated. (3)
Migration is permitted with the assistance and consent
of a 3rd party -- e.g. in DRM applications, the DRM software
might have to "phone home" to get consent and decryption
keys which will permit a file to be decrypted temporarily
in order to permit it to be migrated. This last option
might be called a key escrow application, although it's not
technically parallel to something like the Clipper Chip,
because it doesn't facilitate wiretapping or threaten
communications privacy.
- Palladium's modifications to input and output hardware
will prevent software from doing certain kinds of monitoring
and spoofing, as well as "screen scraping". A program will
be able to ask Palladium to display a dialog box which can't
be "obscured" or "observed" by other software, and Palladium
hardware can enforce these conditions. And there is a way to
be sure that input is coming from a physical input device and
not spoofed by another program. This is probably also comparable
to the "physical presence detection" in TCPA, which tries to
ascertain whether a user is physically present (which is a
requirement in order for certain security-sensitive things to
happen).
- The secure output features also permit, e.g., a DVD player
program to prevent other software from making screen captures.
The initial version of Palladium does not control audio output
in this way, so you can still record all sound output via
something like TotalRecorder. (Microsoft also has an initiative
called Secure Audio Path which could potentially restrict that,
but SAP isn't part of Palladium proper. The Palladium secure
output features are currently totally video-specific.)
- We didn't talk much about the details of how TAs
communicate with user-space programs, which is key to how a
programmer would actually use Palladium features. We also
didn't talk about whether there is some kind of authentication
of a kernel or precisely which traditional kernel features are
taken over by the nub. Microsoft did say that most things
which are currently in the kernel will remain in the kernel.
- In principle, nub and kernel are independent, so a
non-Microsoft kernel could run on a Microsoft nub, or vice
versa. Patent and copyright issues might prevent this from
being done in practice, but it is apparently technically possible
within the design of Palladium.
- Microsoft's nub, including its source code, will be published
for review by anyone who wants to examine it, in order to allow
all of Microsoft's claims about its security properties to be
verified. There is no part of Palladium's design or code which
needs to be kept secret, although each SCP will contain secret
cryptographic keys loaded at the time of its manufacture.
Microsoft will encourage non-Microsoft people to read and
discuss its nub. You will also be able to create your own nub,
except that changing the nub will (as discussed above) prevent
previously-sealed data from being decrypted.
- If you choose to allow people on the network to tell which
nub you are running, they can probably find out in a way you
can't fake (using a cryptographic protocol). You can refuse
to tell them, but if you do choose to tell them, you will not
be able to lie about it (except maybe if you know a way to
tamper with the hardware). This is like TCPA; critics note
that many entities which use Palladium might assume by default
that any non-Microsoft nub is untrustworthy, which would make
it very inconvenient to change your nub from the Microsoft-supplied
default.
- Your nub's identifier is not a unique identifier for your
machine, because it is the same as everyone else's nub. Palladium
does not create any remotely-visible unique identifier for your
machine, and actually contains some features to try to avoid
inadvertently disclosing a unique identifier. There is a concept
of an "identity server" which is a separate service which issues
you some kind of identity credential which uses Palladium and may
or may not reveal particular personal information. (I didn't get
a lot of details on how identity servers would work or who would
run them.)
- Microsoft suggests that Palladium is flexible enough that many
entities could use it to create their own policies, judgments,
certification services, etc. That part of the discussion reminded
me in some ways of PICS and P3P, although Palladium has a more
robust technical enforcement mechanism than either of those
standards.
We talked about lots of other things, but that's all I have notes on.
I also wrote a message to the cryptography list in response to
someone who wondered whether Palladium would prevent you from
writing your own programs and scripts:
> * or are not able to use shell scripts (at least not in
> trusted context). This means a
> strict separation between certified software and data.
The latter is closest to what's intended in Palladium. Individual
programs using Palladium features are able to prevent one another from
reading their executing or stored state. You can write your own
programs, but somebody else can also write programs which can process
data in a way that your programs can't interact with.
The Palladium security model and features are different from Unix, but
you can imagine by rough analogy a Unix implementation on a system
with protected memory. Every process can have its own virtual memory
space, read and write files, interact with the user, etc. But
normally a program can't read another program's memory without the
other program's permission.
The analogy starts to break down, though: in Unix a process running as
the superuser or code running in kernel mode may be able to ignore
memory protection and monitor or control an arbitrary process. In
Palladium, if a system is started in a trusted mode, not even the OS
kernel will have access to all system resources. That limitation
doesn't stop you from writing your own application software or scripts.
Interestingly, Palladium and TCPA both allow you to modify any part of
the software installed on your system (though not your hardware). The
worst thing which can happen to you as a result is that the system
will know that it is no longer "trusted", or will otherwise be able to
recognize or take account of the changes you made. In principle,
there's nothing wrong with running "untrusted"; particular applications
or services which relied on a trusted feature, including sealed
storage (see below), may fail to operate.
Palladium and TCPA both allow an application to make use of
hardware-based encryption and decryption in a scheme called "sealed
storage" which uses a hash of the running system's software as part of
the key. One result of this is that, if you change relevant parts of
the software, the hardware will no longer be able to perform the
decryption step. To oversimplify slightly, you could imagine that the
hardware uses the currently-running OS kernel's hash as part of this
key. Then, if you change the kernel in any way (which you're
permitted to do), applications running under it will find that they're
no longer able to decrypt "sealed" files which were created under the
original kernel. Rebooting with the original kernel will restore the
ability to decrypt, because the hash will again match the original
kernel's hash.
(I've been reading TCPA specs and recently met with some Microsoft
Palladium team members. But I'm still learning about both systems and
may well have made some mistakes in my description.)
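The SEAL/UNSEAL behaviour described in the notes and in the mailing-list message above can be modelled in a few lines. This is an added example, not Microsoft's code and not part of the original diary. The names (`ModelSCP`, `nub_identifier`, `try_unseal`), the 16-byte nonce and the HMAC-based SIV-style cipher standing in for the SCP's unspecified encryption are all assumptions; `use_nonce=False` exists only to show the "cookie" problem the nonce prevents.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16    # assumed; the notes give no nonce size
NUB_ID_LEN = 20   # SHA-1 digest of the nub, as in the notes
TAG_LEN = 32      # HMAC-SHA256 tag of the stand-in cipher


class UnsealError(Exception):
    """The modelled SCP refused to release the data."""


def nub_identifier(nub_image: bytes) -> bytes:
    """SHA-1 hash of a nub image: the value the SCP keeps in its PCR."""
    return hashlib.sha1(nub_image).digest()


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode. Stand-in only: the notes do not say
    # which cipher the SCP uses, and the stdlib has no block cipher.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, iv + counter.to_bytes(8, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class ModelSCP:
    """Toy SCP: a platform key that never leaves the object, plus one PCR."""

    def __init__(self, platform_key: bytes):
        self._enc_key = hmac.new(platform_key, b"enc", hashlib.sha256).digest()
        self._mac_key = hmac.new(platform_key, b"mac", hashlib.sha256).digest()
        self._pcr = bytes(NUB_ID_LEN)

    def boot(self, nub_image: bytes) -> None:
        """Starting a nub records its hash in the PCR."""
        self._pcr = nub_identifier(nub_image)

    def seal(self, data: bytes, nub_id: bytes, use_nonce: bool = True) -> bytes:
        """Encrypt nonce || nub_id || data under the platform key."""
        if len(nub_id) != NUB_ID_LEN:
            raise ValueError("nub identifier must be a SHA-1 digest")
        nonce = os.urandom(NONCE_LEN) if use_nonce else bytes(NONCE_LEN)
        plaintext = nonce + nub_id + data
        # SIV style: the tag over the plaintext also seeds the keystream,
        # so a fresh nonce changes the whole output unpredictably.
        tag = hmac.new(self._mac_key, plaintext, hashlib.sha256).digest()
        return tag + _xor(plaintext, _keystream(self._enc_key, tag, len(plaintext)))

    def unseal(self, blob: bytes) -> bytes:
        """Return the data only on the sealing machine, under the named nub."""
        if len(blob) < TAG_LEN + NONCE_LEN + NUB_ID_LEN:
            raise UnsealError("blob too short")
        tag, body = blob[:TAG_LEN], blob[TAG_LEN:]
        plaintext = _xor(body, _keystream(self._enc_key, tag, len(body)))
        expected = hmac.new(self._mac_key, plaintext, hashlib.sha256).digest()
        # Check 1: decryption fails outright under another platform key.
        if not hmac.compare_digest(tag, expected):
            raise UnsealError("not sealed on this machine")
        # Check 2: the nub named at SEAL time must match the PCR now.
        nub_id = plaintext[NONCE_LEN:NONCE_LEN + NUB_ID_LEN]
        if not hmac.compare_digest(nub_id, self._pcr):
            raise UnsealError("running nub is not entitled to this data")
        # The nonce is discarded; only the caller's data is returned.
        return plaintext[NONCE_LEN + NUB_ID_LEN:]


def try_unseal(scp: ModelSCP, blob: bytes):
    """Return (True, data) or (False, reason) instead of raising."""
    try:
        return True, scp.unseal(blob)
    except UnsealError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed nub images and keys, for illustration only.
    trusted, debug = b"constructed trusted nub", b"constructed debug nub"
    pc_a, pc_b = ModelSCP(os.urandom(32)), ModelSCP(os.urandom(32))
    pc_a.boot(trusted)
    pc_b.boot(trusted)
    blob = pc_a.seal(b"secret", nub_identifier(trusted))
    print("same machine, same nub: ", try_unseal(pc_a, blob))
    print("other machine:          ", try_unseal(pc_b, blob))
    pc_a.boot(debug)  # reboot under a debugger-friendly nub
    print("same machine, other nub:", try_unseal(pc_a, blob))
    empty_id = nub_identifier(debug)
    print("sealing '' twice differs:",
          pc_a.seal(b"", empty_id) != pc_a.seal(b"", empty_id))
```

With `use_nonce=False` the output of sealing the empty string is the same on every call for a given machine, which is exactly the persistent identifier the nonce is there to prevent.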
I'm also ignoring, for the time being, my attacks on Peter Biddle's
"a blob is a blob" and "privacy = content protection" claims.
That topic is interesting to me, but not necessarily urgent for
people who are looking for more information on Palladium. But you
should read his and Paul England's presentations from WinHEC.
I really like that the first Google hit for
"Jack Valenti" is now
Jack Valenti's 1982
VCR testimony!
That's the first time I've ever been responsible for putting something
ahead of a famous person's own home page in the Google results for a
search on that person's name.
This result is not inaccurate. If you want to know who Jack Valenti
is, and what he has done and what he has had to say, the 1982
testimony is a key document.
Several of us went on July 4 to see the
San Francisco Mime Troupe in their
debut performance of the political comedy
Mr. Smith Goes to
Obscuristan. More on this later.
A few days ago, I realized that an adult I saw couldn't read or
write. That's never happened to me before.
In the most recent year for which I found statistics in the
Statistical Abstract of the United States, 1 in 5
adults in California hadn't finished high school, though certainly
most of those could read and write.
Obscene material is proscribed in this way [by the Miller
test:] it appeals to the prurient interest [and] it's offensive.
Basically, it's "It excites me; and I hate it."
(Prof. Jonathan Zittrain, at ILAW,
via
Copyfight)
I had dinner with Kragen
and Beatrice.
That was really nice.
Kragen showed me a copy of the fantastic children's book
Arm in Arm. I'd forgotten, but that book taught me
about recursion, paradox, infinite regress, love, and other things.
Plus, it's got the "copy kitten"!
Because Kragen was able to rip and encode Vanessa-Mae's CD
The Violin Player using the free, unencumbered
Ogg Vorbis audio codec, he
was able to bring this music conveniently to a party of mine on
his GNU/Linux laptop, and play her version of Bach's "Toccata
and Fugue in D minor" for the partygoers. As a result, I
went out today and bought my own copy of the CD.
It's great!
Obscene material is proscribed in this way [by the Miller
test:] it appeals to the prurient interest [and] it's offensive.
Basically, it's "It excites me; and I hate it."
I want to amend Zittrain's description of Miller to
include the third prong (the material has no serious scientific,
literary, artistic, or political value). So:
It excites me; and I hate it; and it sucks.
I was impressed by the number of replies I received to my
notes on Microsoft Palladium.
After Cory linked to it,
a large number of blogs joined in linking, so that I actually
got into the Daypop Top
40 (as high as #7) and even onto
Blogdex (as high as #4).
This is by far the most fame and notoriety my web diary has ever
received.
There's a restaurant in the South of Market called Sitio. I originally
thought it was a bar, and I thought it was a terribly fitting name for
a bar.
This is, of course, because sitio means
"I am thirsty". It's famous as
one of the "seven last words of Jesus Christ". The original would
more likely have been Aramaic, and the original written version is
Greek --
Meta touto eidôs ho Iêsous
hoti êdê panta tetelestai, hina teleiôthê
hê graphê, legei: dipsô. (John 19:28)
Postea sciens Iesus quia omnia consummata sunt,
ut consummaretur scriptura, dixit: sitio. (John 19:28
(Vulgate))
Afterward, knowing that all these things were accomplished,
Jesus said, so that what was written might be accomplished: I am
thirsty. (John 19:28 (my translation))
The "seven last words" are the subject of a musical composition
by Haydn, as well as other works by other people.
(It turns out that this restaurant is actually named in Spanish,
and its name is supposed to be translated "site" or "location".
Oh well.)
I think my foot is still recovering. I've been doing a lot of walking
without much trouble, but today it got sore afterward.
My mom was having some computer problems, and we tried to work on them over
the phone, but it wasn't so great, because I'd have to tell her things to
try, and she'd have to read me the results, and you know the bandwidth in
that situation is really low -- well below 300 bps between the remote user
and the computer if the computer operator isn't familiar with what
you're asking him or her to do.
So I got my mom to download and install a VNC server for Windows, and I
grabbed a VNC client for MacOS (I'm using this iBook at the moment, mainly
just to ssh using the wireless LAN here), and in a few minutes I could see
and interactively control her entire Windows XP desktop. VNC is great.
Next time you're trying to help someone with a computer problem from far
away, get VNC and get it set up first.
(It will help if both people have network connections faster than 56 Kbps,
though...)
One of the cool things about VNC is that it's so cross-platform. Unix users
can control a remote Windows desktop, Windows users can control a remote Unix
desktop, Mac users can control a remote Windows desktop, etc. (There is a
vncviewer in LNX-BBC, although currently
no working X11 out of the new build
tree.)
Intrepid readers of mailing lists I'm on may recall that there is even a
PalmOS VNC client,
and I once used that client together with a Ricochet modem to type characters
into an xterm running on my Unix desktop system while standing in the middle
of the room squinting at my Palm Pilot's screen. (Easier than that is to use
one of the ssh implementations for PalmOS and create a text session -- but the
graphical session did work! I call that
inappropriate technology.)
I feel old because
people the age of
my little sister are now facing criminal charges for writing
computer viruses. (Fortunately, my little sister herself isn't
facing any such charges.)
It occurs to me to appreciate the kindness of one of my co-workers at
TD Bank when I was an intern
there in 1997 for taking me out on his lunch break around Manhattan
to try to find non-leather dress shoes. I wish I could remember which
co-worker that was.
We're still studying Palladium and TCPA and trying to get to the
bottom of it all.
I've definitely talked to some pretty interesting people about this,
and they have pretty diverse views.
Here is a
cool story about Prof. Felten. I suggested to him that
he should register a certain domain name. If he doesn't, I'll
suggest it here, and other people can register it instead.
Finally, somebody has found an example of
code which can kill
someone: genetic code for viruses, which can now be
transmitted effectively (one can imagine lethally) across a digital
medium. (On the other end, though, you do need a virus-assembling
mechanism.)
DVD litigation fans will recall that Judge Kaplan compared DeCSS to
a pathogen, where other people have compared it to poetry.
(And then, of course, there's
Daniel
Alter. But mostly in the United States it's
legal to teach people how to kill
people. In fact, the
government does that today. I wonder if the work of Wimmer et
al. will give new meaning to "publishing a virus" and whether courts
will be prepared to protect that as speech.)
I went to the Dar Williams concert at Bimbo's on Columbus, and it
was very beautiful. She sang many of my favorite songs, and I
discovered that the EFF office is full of Dar Williams
fans, including some fairly devoted fans. (I think I've been to
every Dar Williams concert here in the City since 2000, but perhaps
there are some I don't know about.)
Dar sang two new songs -- one about fishing, another about being
a parent ("The One Who Knows"). I think the refrain was something
like
So when they ask how far love goes
When my job's done, you'll be the one who knows.
I'm enough of a fan that I noticed things like changes of "the" to
"a" ("'cause when you live in a world") and a voiced "z"
which appears as unvoiced "s" in the recorded version. ("Hey Dar!
You're singing your song wrong! It's supposed to be /s/!")
Speaking of "s" and "z", I was talking to a new EFF volunteer about
the German character eszet (which is also spelled other ways) -- if
your browser can render it, it's ß. We were wondering where
this character comes from and what it might have in common with the
Greek beta. Often a glyph for beta is used as a glyph for eszet.
A little bit of research
reveals that it's purely a coincidence that eszet looks so
much like Greek beta. As the name suggests, eszet means "sz",
and the HTML character entity name for the character is "&szlig;",
because, historically, it's a ligature of the long s (the form which
produces things like "Congrefs" in English, and from which we also get
the integral sign in calculus) with z. The z is a curly z and the s
is a long s, and they are joined together in a ligature, and that's
probably also why eszet is usually open on the bottom where the
classical beta is closed. Also, in a beta, the bar on the left
descends slightly below the curve, where an eszet will have the bar
approximately level with the curve if it's printed with a separate
glyph.
(The above is partly cribbed from my note to Riana.)
Various people have said that "copyright is the engine of
creativity".
Who hearing
"James and Marybeth" could disagree?
1. D2-D4 G8-F6
2. C2-C4 E7-E6
3. G1-F3 B7-B6
4. B1-C3 F8-B4
5. C1-D2 C8-B7
6. E2-E3 E8-G8
7. F1-D3 D7-D6
8. A2-A3 B4-C3
9. D2-C3 F6-E4
10. A1-C1 F7-F5
11. E1-G1 B8-D7
12. D1-E2 ...

 ABCDEFGH
 --------
|r  q rk |8
|pbpn  pp|7
| p pp   |6
|     p  |5
|  PPn   |4
|P BBPN  |3
| P  QPPP|2
|  R  RK |1
 --------
NTK has some
hilarious coverage
of Yahoo keyword
filters, which lead, NTK notes, to "medieval" appearing as
"medireview".
I observed that the same substitution ("review" for "eval") leads to
reviewuate,
reviewuation,
retrireview,
prreviewent,
and even
primreview.
("Medieval" and "primeval" both incorporate the Latin aevus,
which means "age" or "time"; "primeval" is pertaining to the first
age and "medieval" pertains to the middle age.)
Yahoo also replaced "expression" by "statement", leading to oddities
like
Statementism
(the artistic movement, doncha know) and the political virtue of
freedom of
statement.
(This subsequently appeared on slashdot.)
I misspoke back in November when I
said that the author of the Pledge of Allegiance and the author of
Looking Backward were the same person. They were
different Bellamies; they were cousins.
I re-read The Diamond Age by Neal Stephenson. I liked
it even better than the first time. I was looking for the passage
about King Coyote:
Castles, gardens, gold and jewels
Contentment signify, for fools
Like Princess Nell; but those
Who cultivate their wit
Like King Coyote and his crows
Compile their power bit by bit
And hide it places no one knows.
(The Diamond Age, p. 437)
After I found that passage, I found it hard to put the book down, and I
read from p. 437 to the end, and then from the beginning up to
p. 437, and then from p. 437 to the end again. It's very good.
(Princess Nell certainly turns out to be no fool.)
You can do a lot with one line of Perl. For example, I wanted to
change the default root device of a kernel image -- the way
rdev(8) does -- to block device major 240 minor 0 (which is
/dev/cloop if you use the cloop driver). So I found how to do
this with dd, instead of rdev, and then it turned out that it
could all be done this way:
perl -e 'open V,"+<bzImage";seek V,508,0;print V "\0\360"'
Now that's concise.
My dad and my stepmother are visiting, and I've managed to clean up
again.
We had some various pieces of good news today in EFF-land, including
a subtle and hard-to-explain triumph.
If you're going to be around D.C. on Wednesday,
don't miss the
DOC workshop on DRM. (Richard Stallman will be there, will
you?)
Happy Yellow Pig Day, and happy
birthday to Cory.
Dmitry Sklyarov was arrested one year ago today (on July 17, 2001).
Now he is free. It didn't have to turn out that way. Dmitry
started off as a "Russian hacker" -- an archetype inspiring
considerable fear in many people.
(We should distinguish computer security and copyright enforcement,
so that we should speak of "computer security and l'havdil
copyright enforcement" -- but I have to say that I'm reminded of
Feynman's story about how people reacted when he learned to pick
the locks at Los Alamos. They decided to keep him away from their
locks: "That was their solution: I was the danger!")
Today Dmitry Sklyarov is many other things to many other people --
a folk hero, a subject of songs and poetry, a name to conjure with,
an example in terrorem deterring attacks on DRM, an example
held up in white papers and cited in court cases, a graduate student,
a father. He is also a free man. It didn't have to turn out that
way.
The Egyptian Licorice Tea from
Yogi Tea is really, really
good.
I'm honored to have had my work linked to from Bruce Schneier's
Crypto-gram for the first time.
The current
issue links to
my rebuttal
of the MPAA's Broadcast Flag FAQ.
Declan says that
the
RIAA is now proposing its own broadcast flag. Does anybody have
details about this? (No, please don't tell me "the EFF
published a piece on Consensus at Lawyerpoint about it"...)
Let's talk about people who have been misled:
[Sandra Banning, mother of Michael Newdow's daughter] described
herself and her daughter as practicing Christians who are
active in their Elk Grove church. [...] The girl replied "that
it was OK because she will still whisper 'one nation under God' and
no one will know she is breaking the law," Banning said.
(Bob Egelko, "Girl in pledge case not an atheist, mom says",
San Francisco Chronicle, July 16; see
another version of the story)
So Sandra Banning, or somebody, told her daughter that
Michael Newdow is trying to make saying "one nation under God"
against the law (and lock up all those theist kids or
something?).
The law in the U.S. is that you can pray in public, you can pray in
private, you can pray in public school, you can advocate
religious belief in public school, you can wear religious
symbols and slogans -- if you are a student. And this
is perfectly proper, and an important part of religious freedom
and free expression. What you can't do is have the public
school advocate a religious belief.
If lots of kids think that Michael Newdow is trying to stop them
from saying that they believe in God, then they will have good
reason to be angry with him (even if they're his daughter -- maybe
especially if they're his daughter). But of course that's not
what Newdow is trying to do.
His complaint is with religious activity on the part of government,
not religious activity on the part of students.
Maybe many children think that, if adults try to lead them in saying
something, they must say it, and if adults don't lead them in saying
something, they may not say it. But an earlier Pledge case --
as some people observed, before the Pledge included "under God"! --
says children don't have to say what the adults expect them to.
That's Barnette. And another case says children have
their own free expression rights and can say things adults don't
approve of. That's Tinker. Fixed stars, schoolhouse
gates.
The free expression (and free exercise) rights of young people are
important to me, but I see a tendency to minimize them. The
separation of church and state in public education makes
especially strong sense if we think that young people have their
own beliefs -- very possibly distinct from their communities' or
their parents' -- and their own rights to express those beliefs.
Maybe Newdow's and Banning's daughter doesn't yet know she has
those rights -- but Banning ought to know it. And she ought to
tell her daughter: you can say whatever you want, and you can
disagree with your father, and he's not trying to take that right
away from you.
I haven't written much about actual concrete advocacy arguments,
but you can
check out the latest in Microsoft advocacy
versus Linux. I think the bottom line is that Microsoft is saying
"we're reliable, we're predictable, we're comprehensive, and you know
exactly what you're getting". It's not totally surprising that
these characteristics, and especially the broad theme of predictability,
would appeal to corporate IT managers.
What does surprise me is that Microsoft argues that Linux users may
suffer from vendor lock-in because certain Linux applications or
other software are not standard across all distributions. Vendor
lock-in is one problem free software users are particularly unlikely
to experience.
A group of people went to protest today at the
Technology Administration's
DRM workshop
in Washington, DC.
Declan
took great pictures,
including one of the best pictures of Richard M. Stallman
I have ever seen. It sounds like the protest was interesting;
I'm waiting to hear from Robin, who was in the audience representing
EFF.
I went with Praveen and others to the concert at the Fillmore given
by They Might Be Giants. (Other people,
including
Leonard
and Zack
Weinberg, went to see the same show the night before.)
Noe Venable opened, which I
found odd, because I also heard her open for Dar Williams last week.
Dar and TMBG are rather different, but they chose to have the same
person open for them. (Noe's music is much closer to Dar's, I
think, than to TMBG's. They are both female singer-songwriters who
have songs which tell stories, and the similarities don't end there.)
Noe Venable has a beautiful singing voice, and she can hit amazingly
pure notes. Her web site has several downloadable tracks, including
Juniper, which she performed at the Dar
Williams concert (though not at TMBG).
Here's my attempt at her lyrics:
Mama, oh, Mama,
I don't wanna come down,
not if it's all like it was on the ground,
hiding my feet cause I'm too shy to dance,
hiding my face behind both of my hands.
Mama, o Mama, don't make me come down,
'cause I don't know what will come out of my mouth.
People will hear, they won't know who I am,
People will hear, and they won't understand.
Mama, I've seen them, the others like me,
once I could see it was all I could see,
the silent procession that crosses the snow:
with skeleton ladies like skeletons go.
Mama, o Mama, I can't let you know
how my trouble began, but I can't let it go.
Plummeting into the nightmare below
I'm better awake and I'm better alone
Mama, oooooo
Mama, oooooo
Mama, o Mama, up here where I'm free,
I have seen beauty you wouldn't believe:
Juniper's ledges and Juniper's birds
where Juniper's edges and mine become blurred.
Mama, o, Mama, if you only heard
the reasons for living, the freedom of words,
the blooming balloon of a thought being born
safe in the branches of Juniper's arms.
Mama, oooooo
Mama, oooooo
Mama, o, Mama, I'm not like you think,
a harrowing walk down a narrowing street.
If I had my way I would bring the whole world,
every sleepwalker and each hungry girl.
Mama, o, Mama, and old Uncle Tom,
my father the preacher, my daughter the song,
tell every bell to just wake up and ring
tell this old choir to just shut up and sing!
Oooooo
oooooo
oooooo
oooooo
oooooo
Mama, o, Mama, I'm holding your hand,
in these glorious dreams in which you understand.
Mama, o, Mama, we're spinning around,
Mama, o, Mama, don't make me come down.
Oooooo
oooooo
oooooo
oooooo
oooooo
Dar and Noe both, I think, have singing voices which differ
dramatically from their speaking voices. In Noe's case, it's even
more extreme, because she speaks with a high-pitched, sing-song
voice with certain cadences which make her sound like she might be
ten or twelve years old. When she sings, though, she seems to have
perfect control, like an opera singer, and, as I said, a tremendous
purity. (One of my companions at last week's concert suggested that
Noe might cause glasses to shatter with her voice.)
I disliked two things about the TMBG concert. First, I didn't like
the volume level. This was an actual "rock concert", and so it was
very distinct from (for example) the Dar Williams concert last week.
I covered my ears with a sweatshirt practically the whole time, and
it was still very loud. It was much louder than necessary for the
whole audience to hear clearly.
At other events I've been to with amplified sound, the main point of
the amplification was to be sure that everybody could hear. At this
event, there was also whatever motive drives rock concerts to be
almost painfully loud, so that some people who attend them actually
suffer physical injury.
Second, I didn't know a lot of the songs! As I wrote
a few days ago, I know Dar Williams
songs so well that I can detect a change at the consonant level.
But I only own one TMBG album (Flood) and know a few
other songs of theirs from radio play. But TMBG played many newer
songs and, I'm told, some things which were not yet released on
any album. It's really a lot more fun for me to know the songs in
detail than to hear them for the first time.
One song I did know, which isn't on Flood, is "Older".
It's available
for legal free download in Ogg
Vorbis format. (Do me a favor -- if you don't have an Ogg
player, go get one, and download "Older" to try it out. It will be
a good thing in the future that you have an Ogg player.) The band
interrupted "Older" in the middle with another song and then picked
up exactly where they'd left off. They liked doing things like
that. They love jokes and puns and, in a lot of senses, they're
extremely geeky.
Old favorites on Flood which did get played were
"Birdhouse in Your Soul" and "Istanbul" (hooray!). The nachos at
the Fillmore were pretty tasty (although they cost $10 for small
portions). Maybe it's a better tactic to eat dinner in some nearby
Japantown restaurants.
I had a great time dancing to "Istanbul", which is an upbeat song
with a tremendous inner geekiness to it. Maybe historical
consciousness is so rare that if you show historical consciousness
you are automatically geeky.
Wow, Gilmore
went through with it!
I listened to "Juniper" again, and I want to say that the lyric is
"in which skeleton ladies like skeletons go" rather than
"with skeleton ladies like skeletons go" (as previously reported).
Why is digital rights management in tension with fair use? Partly
because it threatens to freeze fair use in 1996 and kill off, in
advance, innovative new fair uses which were unknown in
the past.
Fred von Lohmann explains. And here are some vivid observations:
Were it not for the fair use doctrine, each of the following
activities would be infringing:
- whistling a tune while walking down the street (public
performance)
- cutting out a New Yorker cartoon and posting it on your office
door (public display)
- photocopying a newspaper article for your files (reproduction)
- quoting a line from The Simpsons in an email to a coworker
- reverse engineering of computer code (reproduction)
- "time-shifting" a radio or television program (reproduction)
- playing an excerpt of Roy Orbison's "Pretty Woman" in a copyright
law course (public performance)
- quoting from a novel in a review (reproduction)
(Those aren't really part of the argument, they're just nice
observations.)
I got a lot of exercise today as I rode my bike (with two flat tires!)
over Potrero Hill to see Annalee, then back over Potrero Hill to EFF,
and subsequently off to see Katy. (Katy
used to live in the inner Sunset, so if I'd ever made a bike trip
to her old place, I could have ridden off into the Sunset.)
Annalee gave me a bunch of good books. These were review copies, so
in addition to cheering for Annalee, we ought to cheer for first
sale.
It turns out that O Canada Girls was recorded on a special
limited-edition version of The Green World. I don't like that; to me,
part of
the point of an album (especially in the digital world) is that
you should be able to say something like
The MD5 value of The Green World is
e7cbedea5fea81b683a66f537976b08d.
and thereby have a unique identifier for the one true version
of that album. Having different things called "The Green World"
seems to sow confusion. (Note: the MD5 value above is not actually
the MD5 value of The Green World, but it is the MD5
value of "The Green World".)
But this clears up some confusion because people had told me that
"O Canada Girls" was "from The Green World" and it
didn't make any sense to me that they should say so.
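An added example, not part of the original post: an MD5 value identifies one exact sequence of bytes, so the same title hashed with and without a line terminator (a plain "echo" appends one) gives unrelated digests. The Python sketch below lists the digest for several byte-level variants of a string and reports which variant, if any, matches a published value; the variant labels and function names are made up for this example.

```python
import hashlib

# Ways the same title can become bytes before it is hashed. The variant
# names are labels invented for this example.
VARIANTS = {
    "exact bytes (printf '%s', echo -n)": lambda s: s.encode("utf-8"),
    "LF appended (plain echo)": lambda s: s.encode("utf-8") + b"\n",
    "CRLF appended": lambda s: s.encode("utf-8") + b"\r\n",
    "UTF-16LE, no terminator": lambda s: s.encode("utf-16-le"),
}


def digests(text):
    """Return {variant name: MD5 hex digest} for each byte-level variant."""
    return {name: hashlib.md5(to_bytes(text)).hexdigest()
            for name, to_bytes in VARIANTS.items()}


def explain(text, published):
    """Name the variants of text whose MD5 equals a published digest.

    An empty list means the digest was computed over something else
    (for an album, the audio data rather than its title).
    """
    wanted = published.strip().lower()
    if len(wanted) != 32 or any(c not in "0123456789abcdef" for c in wanted):
        raise ValueError("not a 128-bit hex digest: %r" % published)
    return [name for name, d in digests(text).items() if d == wanted]


if __name__ == "__main__":
    title = "The Green World"
    for name, digest in digests(title).items():
        print(digest, name)
    # Digest quoted in the post, checked against each variant of the title.
    print(explain(title, "e7cbedea5fea81b683a66f537976b08d"))
```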
Happy birthday to Zack. I had a nice time at his party, where lots
of people worked on artistic products and ate junk food. I also
had some pretty geeky conversations with some of the geekier
attendees.
A couple of days later, I cooked a really healthy, really good
meal for my family, as if to make up for the junk food. But I
don't think it works quite that way.
I also took a couple of trips around the city with my family; it's
been fun to have them out here.
It turns out that Hollings and Tauzin have each sent a letter to
Chairman Powell urging him to implement
the broadcast flag mandate by FCC rule, with no additional
legislation. This comes as something of a surprise to us.
I had my best-ever game of NetHack, and, as is usual in such cases,
died in an extremely silly way.
(17th level Valkyrie, red dragon scale mail, theoretical AC -18 if I
could have repaired my armor's damage, completed Sokoban and the
Quest, explored the Mines to the bottom, had +3 rustproof Mjollnir,
most immunities, bag of holding, rustproof Vorpal Blade, Gauntlets of
Power, 200-some hit points, extra constitution [up to 19, which
appeared to regenerate three HP per turn], luckstone, identified most
rings and scrolls, clairvoyance, polymorph and polymorph control, and
cleared the entire outer tier of Fort Ludios. My only major problem
was that I lost about 25 useful scrolls by falling into the moat at
Fort Ludios. But that wasn't what killed me. What killed me was
being eaten by a purple worm which was actually a chameleon I'd
been watching with my clairvoyance. I released the chameleon
from a small room using a wand of digging, the chameleon emerged in
the guise of a purple worm, and the worm ate me.)
I do want to preserve here for posterity some notes on the Sokoban
levels which appear in NetHack. They're pretty tough because there
is no undo, and you have to take the irreversible step of destroying
certain boulders. If you choose poorly, a given Sokoban level will
be unwinnable (although you might be able to salvage it with a
scroll of earth).
I've done it before by guessing correctly, but this time I decided
to be careful and think everything through beforehand. So here are
the boulders you ought to destroy in the first two levels (with "`"
replaced by "X").
---- -----------
--.@-------- |.........|
|..........| |.........|
|.`-----`-.| |.........|
|..|...|.X.| |....<....|
|.`.`....X-| |.........|
|.`..`..|..| |.........|
|.----`.--.| |.........|
|..`...`.|.-- |.........|
|.---`-...`.------------+|
|...|..`-.`.^^^^^^^^^^^^.|
|..X......----------------
-----..|..|
-------
and
--------------------
|........|...|.....|
|.``..-``|.-.|.....|
|..|.`.X.|``.|.....|
|-.|..-..|.-.|..<..|
|...--.......|.....|
|...|.X.-...-|.....|
|.`.|`.|...--|.....|
|-X.|..-----------+|
|..`....^^^^^^^^^^.|
|...|@>-------------
--------
This shows the final Sokoban level after it's been cleared out,
with the two boulders which should be destroyed (no others need
be):
--------------------------
|>.......................|
|.......----------------.|
-------.------ |.|
|@..........| |.|
|.....X.X...| |.|
--------.----| |.|
|............| |.|
|............| |.|
-----.-------- ------|.|
|..........| --|.....|.|
|..........| |.-.....|.|
|.........-- |-|.....|.|
-------.---- |.-.....-.|
|........| |-|.....|--
|........| |.-.....|
|...------ --|.....|
----- -------
Has anybody created some kind of notation which allows for
efficient descriptions of Sokoban problems, and especially
for efficient automated solutions? I have a feeling that
many Sokoban problems are actually formal logic problems,
but I have no idea how to begin constructing such an
isomorphism.
Speaking of puzzles, we have at home a 15 puzzle which is
actually an 8 puzzle which is actually a frog -- instead of
numbers on the moving squares, there are parts of the picture
of this frog. I found it extremely difficult to
solve, because I couldn't visualize where the pieces were
supposed to go. But at Zack's party, I took some pieces of
paper, wrote numbers on them, and taped each number onto the
proper part of the frog. Once I had the numbers available,
I was able to solve the puzzle in under 30 seconds. Perhaps
this shows that I don't have particularly good spatial
skills. After scrambling the frog again and removing the
numbers, I still had a tough time restoring the frog's order.
Transposition macros are a lot easier on the 8 puzzle than
on the 15 puzzle.
I had a couple of unsuccessful NetHack games.
Zack W. points out that Sokoban levels can be solved without
breaking any boulders at all. This is more of a challenge than
simply solving these levels, and in most cases I hadn't even realized
it was possible.
Speaking of corrections, Kragen points out that
e7cbedea5fea81b683a66f537976b08d is not actually the MD5
checksum of "The Green World". I added a newline character at the
end accidentally. (You need to say "echo -n" if you want to
suppress those.) The actual MD5 checksum of "The Green World" is
075408abd558e264ae8c5e42bf23b78b. It's impressive that somebody
caught this error