Wow: Wired has a super-interesting interview with a hacker, describing his discovery of just how insecure most hotel computer systems are. There appears to be no authentication and no encryption on most of them, and it’s easy to discover as much information about other guests — including the items on their bills — as you could want. Since you can also use hotel TVs to write email (though I can’t imagine why you would), the attacker has that avenue open as well. Well worth the five-minute read.
Stupid PHP tricks
I’m right now rummaging through the terrible PHP hack that I’ve been handed, because the guy who wrote it hasn’t had time to modify it. For that matter, he apparently didn’t have the time to write it decently to begin with.
Just to give you some sense, this is a PHP page to allow a client to edit the client’s pages through a web interface. It’s a bad idea for a number of reasons, not the least of which is that there are far cleaner, better-tested and more-featureful ways to do the same thing.
For some reason in the middle of this hack, the programmer decided to make a certain file readable, writable, and executable by everyone in the world; that is, there is a chmod 0777 in the middle of the script. I see no good reason for him to have done this.
There are no functions in this PHP script. It is one continuous block of code.
It is also completely uncommented.
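The chmod 0777 is the thing a least-privilege review flags first: it lets every local account on the host, not just the web server, rewrite and execute that file. As an added example (not code from the script in this post or from any project), here is a small Python auditor that reports which world bits a mode grants and strips them, run against a constructed sample file; the file name, its contents and the resulting 0o740 mode are illustration assumptions, and the demo assumes a POSIX filesystem where chmod honours all nine bits.

```python
import os
import stat
import tempfile


def world_risks(mode):
    """List the 'other' (world) bits in a permission mode that a least-privilege
    review would flag: world-writable is the serious one, world-executable on a
    data file is suspicious, world-readable matters for anything holding secrets."""
    risks = []
    if mode & stat.S_IWOTH:
        risks.append("world-writable")
    if mode & stat.S_IXOTH:
        risks.append("world-executable")
    if mode & stat.S_IROTH:
        risks.append("world-readable")
    return risks


def harden_mode(mode, group_read=True):
    """Keep the owner bits (and optionally group read), drop everything else.
    0o777 becomes 0o740 with the default arguments."""
    keep = stat.S_IRWXU
    if group_read:
        keep |= stat.S_IRGRP
    return mode & keep


def audit_path(path):
    """World-bit findings for a file on disk."""
    return world_risks(stat.S_IMODE(os.stat(path).st_mode))


def harden_path(path):
    """Apply harden_mode to a file and return the mode it ended up with."""
    os.chmod(path, harden_mode(stat.S_IMODE(os.stat(path).st_mode)))
    return stat.S_IMODE(os.stat(path).st_mode)


def demo():
    """Constructed scenario: a page file chmod'ed 0777 the way the script in the
    post does it, audited, hardened and audited again."""
    with tempfile.TemporaryDirectory() as workdir:
        page = os.path.join(workdir, "page.html")  # assumed name, constructed content
        with open(page, "w") as handle:
            handle.write("<p>constructed sample page</p>\n")
        os.chmod(page, 0o777)
        before = audit_path(page)
        hardened = harden_path(page)
        after = audit_path(page)
    return before, oct(hardened), after


if __name__ == "__main__":
    print(demo())
```

The same check runs unchanged over a whole document root with os.walk, which is usually the quickest way to find where a script like this one has scattered 0777 modes.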
Trading Manny
The more I read about the possibility that the Sox will trade Manny to the Mets, the more upset I get. It just doesn’t make sense. I think today’s New York Times article on the subject summarizes it perfectly. See below the fold for the whole article.
Nomar was one thing. Theo Epstein didn’t make many friends from that trade, but within weeks it was obvious that he had made the right decision. The 2004 season bore him out, and Nomar’s unfortunate run of injury since then is further vindication. But even I could tell, when they traded Nomar, that it was the right decision: he hadn’t been producing since his injury, he wasn’t all that exciting at shortstop — certainly Cabrera did a better job in the second half of 2004 than Nomar did in the first — and he was a toxic presence in the clubhouse. (Yes, I realize that in his heyday Nomar was unbeatable. But his heyday had passed.) Absolutely none of those things can be said of Manny. And we shouldn’t forget that he’s responsible for 1/5 of the RBIs the Sox have gotten this season. I think it’s quite fair to say that if we ditch Manny, we stand no chance of making it to the Series this year. I’d love to be proved wrong, but that seems pretty clear to me.
Shitty American movies
The U.S. has talented directors and talented actors, not to mention talented screenwriters . . . probably, for financial reasons alone, we have the greatest concentration of skilled filmmakers in the world. So why does it seem as though we put out a continuous puddle of stock romantic comedies?
I’m not misguided enough to believe that all European films are better than American ones. I’m sure they have their share of shlock. However, it’s probably the case that on average, European films are better than their American counterparts. And there’s probably a lower percentage of truly awful movies in the Michael Bay vein.
And whatever the reason, I’ve not yet seen an American remake of a European film that exceeds the original’s quality. Far from it: every single one has been a disgrace. I’m thinking in particular of the remake of Insomnia. The original was dark and spooky and made you feel uneasy, and the main character carried a strange feeling of haggardness and desolation. The subtext about relations between Norway and Finland (if memory serves) was strangely discomforting. The whole thing was a masterpiece that played with your emotions. The best that can be said of the Christopher Nolan remake is that it was directed by Christopher Nolan. It was a further step down on Robin Williams’s continued slide into obscurity.
Don’t get me started on the remake of The Vanishing. The original was actually philosophical: the main character was evil because he wanted to prove to himself that he had a choice whether to be good. Throughout his life, he had repeatedly tested himself to decide whether he actually had free will in any non-vacuous sense. The original Vanishing ended on an exceedingly down note.
But there’s the first axiom of American films: they are simply not allowed to make you feel bad by the time you’re done. So the American remake of The Vanishing — disgracefully directed by the same guy who made the original — takes away all the philosophy and replaces the unhappy ending with “love conquers all”. He completely destroyed his own movie.
(See also Brazil, for an example of a movie that American studios tried and failed to destroy.)
The assumption seems to be that American audiences are simply not capable of complicated thought, and that we cannot stand to be made unhappy by films. I don’t quite understand this. If it’s true, it makes one ask why Europeans are supposed to be so much smarter, more nuanced, and more risky than we are.
Much of this might have to do with the structure of the European movie industry (state-sponsored?), the European philosophy (which I understand is much more influenced by the French, and particularly by Rousseau, than by American pragmatism), and so on. Still, it’s curious: we’re not all idiots, so why does Hollywood treat us as though we are?
Techno progress
Right now I have my own laptop, a client’s laptop, and another client’s desktop machine in front of me. I believe this is more computing power than put Neil Armstrong (and a couple other guys) on the moon.
Dell PC restore
I’m trying to help people who want to know how to restore their Dell system to the way it was when they got it, but may not know the specific Google terms to search for to figure out how to get access to it. They may, for instance, as I did, Google for “rapid restore,” which is the name of the equivalent procedure for IBM laptops. Dell users may be wondering how to get access to the restore data in a hidden partition on their hard drives. Turns out they can reboot and press Ctrl+F11 (Control, then F11, or Function 11, which is one of the Function keys). They should start pressing it as soon as the Dell logo pops up on their screen, and stop pressing it as soon as that logo disappears; if they press it any longer, they’ll (unintuitively) get a keyboard error and PC Restore (which is officially “Dell™ PC Restore by Symantec”) won’t run.
There. Perhaps that’s enough Google bait to catch most users. This hunt for Dell™ PC Restore by Symantec — stymied as it was by the weirdly-time-sensitive-Ctrl+F11-pushing — took me longer than it should. Perhaps this will help folks.
Quote of the day
My favorite example of this comes from the blurb on the back of packets of Pepperidge Farm Milano Cookies, which begins “Imagine strolling down the cobbled streets to your favorite European bake shop . . . ” Indeed. If only it continued “As you converse with the owner in fluent European . . . ”
Reminds me of a line from The Cable Guy:
Sam Sweet: Oh my God! Oh my God! My twin brother has been shot! I think it was an Asian gang or something . . . There was this guy, he looked Asian . . . and he was speaking another language, I’m pretty sure it was . . . Asian.
An ad-hoc network underground
Uwe Hermann’s excitement at setting up an ad-hoc network is pretty great. Reminds me of the time Adam Rosi-Kessel, Ken Shan, and Dylan Thurston (the latter two sadly on their way to New York soon, by the way) set up a network between two cars moving down the Interstate, with the goal of sending files from one of the machines to the other. It turned out that one of the machines didn’t have some program or other, so they used dpkg-repack to package up all the install files on one of the machines and hand them over to the other. The mind quickly starts running to post-apocalyptic possibilities: what if the Internet were destroyed tomorrow (presumably it would involve a few bombs at MAE-East, MAE-West, and a few other places)? In that case, it would be very useful to have the push-button ability to set up ad-hoc networks amongst many thousands of neighborhood computers: I connect to my neighbor, my neighbor connects to his neighbor, etc., etc. Maybe one of us has a reliable wired connection or a fast wireless one; that person ends up providing net access to the rest of us.
It’d be an interesting experiment to get a few hundred people to volunteer to go without net access for a week, and only have an ad-hoc network between them. See how well they can bootstrap themselves into an ordinary networked life.
PageRank
I wonder how Google addresses all the various ways of trying to hack PageRank to get pages to the top of their listings. The standard description of how PageRank works is that pages with lots of links to them are more highly ranked, but only if the linkers themselves are highly linked. A page with lots of inbound links, all else being equal, has a higher PageRank than a page with fewer inbound links; likewise, a page with inbound links which themselves have higher PageRank will, all else being equal, have higher PageRank.
But there’s an easy way to hack this, it seems to me. Just set up thousands of, say, porn sites, all of which link to one another. Voilà: now you’ve got a site with lots of links from other sites which themselves have lots of links.
So it seems to me that Google would very quickly have to move to some kind of cluster analysis: identify those pages that link heavily to one another as constituting a cluster (or clique), and give a page a higher rank if it has inbound links outside the cluster. So perhaps they’ll use the standard that, again all else being equal, a page has a higher rank if its inbound links, in some sense, come from a more diverse group of linkers. A site with a few thousand inbound links from a few dozen sites would have a lower rank than a site with a few thousand inbound links from a few thousand sites.
This could still be hacked, I’m sure, but I suspect Google uses some sort of statistical approach to identify scammer sites. A SpamAssassin-like approach is pretty reasonable: assemble a large number of tests, each of which may be pretty dumb on its own but which, taken together, can reliably distinguish scammers from legitimate sites. Depending on the details this could look like boosting, or the final estimator could just be a linear combination of the scores from the individual tests. I’m sure Google uses all sorts of statistical wizardry for this sort of thing. They have an enormous database to build on, consisting not only of links but also of page contents, so I suspect they can spot fraud pretty easily.
If it’s not obvious, I would love to work for Google.
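The link-farm attack and the cluster-analysis defence sketched above can both be seen on a toy graph. The following is an added example, not anything from Google: a textbook power-iteration PageRank, a constructed web with a twenty-page farm that links every farm page to every other one and to a target page, and a "linker density" measure that flags pages whose inbound links come almost entirely from one mutually-linking clique. Page names, the farm size and the 0.9 density threshold are assumptions for illustration.

```python
from collections import defaultdict


def build_constructed_web():
    """Constructed sample link graph (not real sites). The farm pages link to
    each other and all to 'shop'; a few organic pages converge on 'library'."""
    farm = [f"farm{i:02d}" for i in range(20)]
    links = {p: [q for q in farm if q != p] + ["shop"] for p in farm}
    links.update({
        "blog": ["library", "wiki"],
        "wiki": ["library"],
        "forum": ["library"],
        "library": [],  # no outbound links: a 'dangling' page
        "shop": [],
    })
    return links


def pagerank(links, damping=0.85, iterations=100):
    """Standard PageRank by power iteration: each page splits its rank evenly
    over its outbound links, dangling pages spread theirs over every page."""
    nodes = sorted(set(links) | {v for outs in links.values() for v in outs})
    n = len(nodes)
    rank = {u: 1.0 / n for u in nodes}
    for _ in range(iterations):
        new = {u: (1.0 - damping) / n for u in nodes}
        for u in nodes:
            outs = links.get(u, [])
            if not outs:
                for v in nodes:
                    new[v] += damping * rank[u] / n
            else:
                share = damping * rank[u] / len(outs)
                for v in outs:
                    new[v] += share
        rank = new
    return rank


def linkers_of(links):
    """Map each page to the set of pages linking to it."""
    inbound = defaultdict(set)
    for u, outs in links.items():
        for v in outs:
            inbound[v].add(u)
    return inbound


def linker_density(links, page, inbound=None):
    """Fraction of ordered pairs among a page's linkers that link to each other.
    1.0 means the linkers form a complete clique; organic linkers score near 0."""
    if inbound is None:
        inbound = linkers_of(links)
    linkers = inbound.get(page, set())
    if len(linkers) < 2:
        return 0.0
    mutual = sum(1 for u in linkers for v in linkers
                 if u != v and v in links.get(u, []))
    return mutual / (len(linkers) * (len(linkers) - 1))


def suspicious_clusters(links, min_linkers=5, min_density=0.9):
    """Pages whose inbound links come almost entirely from one mutually-linking
    cluster: the ones a diversity rule would discount. Thresholds are assumed."""
    inbound = linkers_of(links)
    return {p for p in inbound
            if len(inbound[p]) >= min_linkers
            and linker_density(links, p, inbound) >= min_density}


if __name__ == "__main__":
    web = build_constructed_web()
    ranks = pagerank(web)
    print("shop", round(ranks["shop"], 4), "library", round(ranks["library"], 4))
    print("flagged:", sorted(suspicious_clusters(web)))
```

Plain PageRank ranks the farm's target above the organically linked page even though only twenty throwaway pages point at it; the density measure separates the two because the farm's linkers all link to each other while the organic linkers barely do. The farm pages themselves get flagged as well, which is what you want: the whole clique, not just its beneficiary, is the cluster.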
The Blind Watchmaker
Having finished Beyond Oil yesterday (about which more later, possibly), I’ve moved on to Richard Dawkins’s book The Blind Watchmaker. I’m only about 50 pages in, but it’s already extremely good. Dawkins is a phenomenal writer. He also manages to intersperse little bits of probability theory here and there, which tilts toward my methodological biases (viz., that no one has any right to talk about reality without understanding at least the rudiments of probability theory). And his discussion of bat echolocation in the first couple chapters — with the goal of convincing the reader that nature is a very awe-inspiring thing, and that natural selection detracts not at all from that sense of wonder — is magisterial. It has made me rush over to add Listening In The Dark: The Acoustic Orientation Of Bats And Men to my reading list.
I’m sure I’ll have more to write about The Blind Watchmaker. It’s awfully good.
Frist is now on the good side?
The New York Times today compliments Bill Frist for supporting an expansion of stem-cell research. Yay for that, but I’m a little uneasy with this:
Although critics often contend that advances with adult stem cells make research on embryonic stem cells unnecessary, it is notable that Mr. Frist, a physician and a researcher by training, disagrees. He described embryonic stem cells as “uniquely powerful” because they have the capacity to develop into any kind of tissue in the body, potentially enabling them to meet medical needs that adult stem cells cannot.
Frist is the same guy, remember, who said that by watching Terri Schiavo on a videotape for an hour, he could tell that she wasn’t in a persistent vegetative state. This guy will obviously say anything to score political points.
We can’t have it both ways, and neither can Frist: if he’s lost our trust by playing political games, he can’t regain it by saying something that we agree with.
Bolton to the U.N. by recess appointment
There’s hardly any support for Bolton in Congress, and yet Bush plans to make him the U.S.’s ambassador to the U.N. by recess appointment. What a bastard.
Can anyone provide me with the historical justification for the recess-appointment function? It’s established in Article II, Section 2, Clause 2 of the Constitution:
The President shall have Power to fill up all Vacancies that may happen during the Recess of the Senate, by granting Commissions which shall expire at the End of their next Session.
My copy of the Federalist Papers is nicely cross-referenced with the clauses within the Constitution that each Federalist is meant to defend, and it turns out that Federalists 67 and 76 address the recess-appointment clause. However, the portion of 67 which deals with the recess-appointment clause only defends that clause against the charge that it allows Senators to be elevated to office during recesses — a charge which “Cato” had made in Letter V:
The framers of this perfect government, as it is called, have departed from this democratical principle, and established bi-ennial elections for the house of representatives, who are to be chosen by the people, and sextennial for the senate, who are to be chosen by the legislatures of the different states, and have given to the executive the unprecedented power of making temporary senators, in case of vacancies, by resignation or otherwise, and so far forth establishing a precedent for virtual representation (though in fact their original appointment is virtual) thereby influencing the choice of the legislatures, or if they should not be so complaisant as to conform to his appointment — offence will be given to the executive and the temporary members will appear ridiculous by rejection; this temporary member, during his time of appointment, will of course act by a power derived from the executive, and for, and under his immediate influence.
So that charge is irrelevant to our present concern, and Cato obviously got it wrong.
As for Federalist 76, it gives the recess-appointment clause less than passing mention, along the way to explaining the justification for the “advice and consent” clause.
The Volokhs, I discover through some googling, point to a Federalist Society white paper on the topic. Perhaps this will provide some good information.
Olerud hits a grand slam
Bases loaded, Sox ahead by just one run in the bottom of the eighth inning, John Olerud comes to the plate. The stats say that he’s a career .340-something hitter with seven grand slams, but I’m thinking, “Olerud? Please. I don’t even understand why he’s in at first base instead of Millar. He’s washed up.” So what does he do? He hits his eighth grand slam.
I still think the Sox are crazy for — as far as I can tell — slowly working Millar out of the rotation. But goddamn, Olerud: thank you.
The ugliest one minute of baseball ever
Wow. I can’t believe what I just saw. Two outs, Sox batting, Twins pitcher allows a few hits. Lead runner (Bill Mueller) makes a run for home plate (from 2nd base, I believe), Twins’ right fielder throws to home to try to get him out, throw misses the catcher at home. Someone — the Twins’ third baseman, I think — runs after the ball that’s now behind and to the left (from the batter’s perspective) of home plate. Meanwhile a second Sox runner gets home. The Twins player behind home plate gets the ball and throws it back toward the catcher, but that throw misses too. Johnny Damon’s between third and home, caught in a rundown. He’s on his way home when the third baseman or the shortstop — whoever now has the ball — tries to throw from third to home and hits Damon on the back of the helmet; Damon makes it home. Three runs for the Sox, two errors for the Twins. It should have been a single run at most. Wow. I’m speechless at how bad that sequence of plays was.
Then again, I’m not out on the field.
P.S.: The Boston Globe provides more detail:
Bill Mueller scored from second when Jones’ throw from right was misplayed at the plate by Mauer. Minnesota starter Carlos Silva, who was backing up the plate, then threw wide past Mauer while trying to throw out Tony Graffanino, who had come around from first. Damon then took off for the plate, and was given home after third baseman Luis Rodriguez hit him in the back of the head with the throw. Mauer and Rodriguez were charged with errors and Damon was given an RBI.
P.P.S.: I love baseball quotes:
Lamented Twins manager Ron Gardenhire, “Morneau should have cut it. Joe should have caught it. Silva should have ate it. Rodriguez shouldn’t have hit the guy in the head.”
18 innings?
18 bloody innings? No one likes extra innings. I’m sure the players hate it. 18? That’s just egregious.
Free software versus the Creative Commons
Benjamin Mako Hill — another very cool Debian developer — has written an excellent article entitled Towards a Standard of Freedom: Creative Commons and the Free Software Movement.
The idea is that the free-software community has taken a position, whereas CC has not: when you get software licensed under the GNU General Public License, for better or worse you know what you’re getting. It may be extreme, but it takes a position. As Hill excellently puts it,
Had CC followed a model similar to that of Free Software, they would have drawn a line in the sand. “This is a Commons film. That film is not.” It would have sent a clear message that making a CC document is more difficult than convincing the CC board to add another license to the CC website. By drawing this line, CC would be taking the risk that not as many individuals would be able or willing to use CC licenses and that some injustices and imbalances might not be addressed by their project. Non-participation, even en masse, was a risk Richard Stallman was willing to take in the pursuit of more freedom for software. Ultimately, users of the GNU/Linux operating system created by the social movement he initiated have his stubbornness to thank for the consistent level of software freedom they enjoy.
Amazon and Ajax
Some people are going a bit over the top with Ajax, but every now and then it’s used judiciously in a way that makes websites much, much more usable.
I think my favorite small-scale use of Ajax is when the designer has a form that takes up a full page, with lots of fields to fill in. In the traditional web form, you fill in the long form and press a submit button, the submission goes up to the server, and you get back some response page. If anything bad happens in the middle of that process — say, your computer crashes, or you lose power, or you get disconnected from the network — you’ve lost a full page of work.
The modern, better way to handle long forms like this is to send a small bit of data back to the server every time you change one field within that long form. Amazon is doing this very nicely now whenever you rate books and movies on their “Your Recommendations” page. It used to be that you’d give your ratings for 10 or 15 movies, then press submit and wait for the response. Now, every time you rate a single movie, the Amazon page sends your rating up to the site. This tiny change makes the whole thing much more responsive, and you can move on to the next page of ratings without having to submit the current page.
This brings the responsiveness of web apps just a bit closer to that of regular desktop apps. And the combination of technologies (the XMLHTTP object and JavaScript) has only been in wide use for less than a year. I’m curious what the next couple years will bring to web apps.
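The flip side of saving one field at a time is that the server now has an endpoint that accepts many small, script-driven writes, so each one has to be validated on its own. As an added example (not Amazon's code, and not a description of their site), here is the server side of such a per-field save in plain Python: the request must carry the CSRF token stored in the session, the field name is checked against an allowlist, the value is type-checked, and the record is keyed by the user from the session rather than anything in the request. The field names, item id and session layout are assumptions for illustration.

```python
import hmac
import secrets

ALLOWED_FIELDS = {"rating", "owned", "not_interested"}  # assumed field names
ALLOWED_RATINGS = {1, 2, 3, 4, 5}


def new_session(user_id):
    """Server-side session. The per-field requests must echo the token, so a
    page on another site cannot save ratings into this user's account (CSRF)."""
    return {"user": user_id, "csrf": secrets.token_hex(16)}


def apply_field_update(store, session, payload):
    """Handle one per-field save. Returns (status, body), where status mirrors
    the HTTP code the endpoint would answer with."""
    token = payload.get("csrf")
    if (not isinstance(token, str) or not token.isascii()
            or not hmac.compare_digest(token, session["csrf"])):
        return 403, {"error": "bad csrf token"}
    field = payload.get("field")
    item = payload.get("item")
    value = payload.get("value")
    if field not in ALLOWED_FIELDS or not isinstance(item, str) or not item:
        return 400, {"error": "unknown field or item"}
    if field == "rating":
        # bool is an int subclass, so reject it explicitly before the set lookup
        if isinstance(value, bool) or not isinstance(value, int) or value not in ALLOWED_RATINGS:
            return 400, {"error": "rating must be an integer 1..5"}
    elif not isinstance(value, bool):
        return 400, {"error": "flag must be true/false"}
    # the owner of the record comes from the session, never from the request body
    store.setdefault(session["user"], {}).setdefault(item, {})[field] = value
    return 200, {"saved": {"item": item, field: value}}


def demo():
    """Constructed exchange: one good save, one with a forged token, one
    trying to write a field the form does not expose."""
    store = {}
    sess = new_session("user-42")  # assumed user id
    item = "ITEM-0001"             # constructed item id
    good = apply_field_update(store, sess,
                              {"csrf": sess["csrf"], "field": "rating", "item": item, "value": 4})
    forged = apply_field_update(store, sess,
                                {"csrf": "0" * 32, "field": "rating", "item": item, "value": 1})
    bad = apply_field_update(store, sess,
                             {"csrf": sess["csrf"], "field": "is_admin", "item": item, "value": True})
    return good[0], forged[0], bad[0], store["user-42"][item]["rating"]


if __name__ == "__main__":
    print(demo())
```

Because every save is keyed by (user, item, field) and simply overwrites, the client can retry a lost request without creating duplicates, which is what makes the one-field-at-a-time pattern safe to use over a flaky connection.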
IE7
I’m very curious what the next version of Internet Explorer will look like. Some dude has a great survey of the new version, complete with lots of good screenshots.