Apr 01st, 2004 - iNane Cats
For those of you who read this site over RSS, or are a day late, you missed the festivities.

For everyone else, whose days rest on there being an entry here in the morning for them to read, and who forgot for a tiny second that today was my favourite day of the year, c'mon, admit it...that was pretty good, eh? :)
 

Apr 02nd, 2004 - a lesson in insecurity
Buying a pile of books from amazon.ca a few days ago, I happened to notice that my credit card was a month away from expiry. Now this piece of plastic is essentially a debit card that works online, as far as I'm concerned. If thinkgeek.com, greenearthorganics.com, amazon.ca and delivery.ca took debit, I probably wouldn't need it for anything. As is, it's necessary to my survival. So I called my bank to get it renewed.

"Hi there, my credit card is expiring next month and I was wondering how I go about getting it renewed."

The cheerful voice on the other end responded, "Well, I can have them send you a new one, I just need some information from you. What's your first and last name?"

I told her.

"What's your birth date? Okay, and birth month? Aaaand birth year? Good. And address? Okay, lastly: what's your phone number?"

I answered each of the questions. "Good," she said. "Okay, and I just want to confirm: is your old credit card number five-one-nine-one-two.."

"Whoa whoa whoa", I interrupted her string of numbers. "Were you just going to tell me my credit card number?"

"Yes, to confirm this is the right card."

"And all I had to say was my full name, birthday, address and phone number?"

There was a pause. I was interrupting her little script of how a credit card renewal is supposed to go. She probably needed to pull out the problem customer manual before she could proceed. "We ask those questions to ensure that you're really you."

"Someone could find all that information online!"

She made a sort of coughing, muffled-chuckle noise into the phone. "Well, not unless you're posting all your personal information for everyone to see."

My credit card was successfully renewed ("enjoy, and thank you for choosing our service!") but not before leaving me utterly stunned. My name and parents' address (I've got the credit card subscribed to that address, not my own) can be found from whois, birthdate from Orkut, and though my whois phone number is out of date, there are reverse phone-number lookups online to correct that. And that's just one way to get all the information required in under 3 minutes. Out of curiosity, I picked one of my profs at random, and managed to grab his full birthdate, address and telephone number in just under two minutes. This is not a hard task, and yet it's all you need for the bank to happily recite your credit card number.

And people are worried about modern day encryption keys becoming too weak. Pah. I know where the real security holes are found: between the chair and keyboard.
 

Apr 03, 2004 - Oblivious
I can't hear you, I can't hear you! *fingers in ears* Lalalala!

Dinner is half a loaf of corn bread, a "warrior rice bowl", and a bunch of cookies that fLufFy made.

I stick the Halo soundtrack in the kitchen CD player, strap on a pair of rollerblades, and get to work on washing the stack of dishes on the table.

Today I put up a few book shelves in my room, scrubbed the inside of the oven, and rotated some spring clothing out of the attic. Anything to avoid doing anything school related. I'm being unfairly hard on myself about a particular grade, and thus would rather be on my hands and knees scraping grime out from the inside of the oven than have to sit down and be reminded of the academic world. Sometimes it's easy to shrug off assignments, othertimes it's hard to remember that those numbers are an evaluation of one particular piece of work, and not of you.

If I turn the music up loud enough, it's almost enough to forget about it.
 

Apr 04, 2004 - Date and Time
Today is 04/04/04, and the 4th occurrence of Y/Y/Y this century -- and the 16th (4 times 4) it has happened since the year 0 (though the decision to call that particular year "zero" only happened long afterwards). Lots of fours running around today, and four is associated with death in Chinese custom. Now I don't believe in that any more than I believe in the year zero being a "natural" choice, but if there's an apocalypse later this afternoon, I'll apologize. (Of course, it would have been much more appropriate for the apocalypse to happen at 04:04:04 this morning...I'll be sure to complain to the apocalypse-organizer once I see him.)

More annoyingly, we lose an hour today. "No! You can't take it! Give it back!" I screamed, as the time-repoman yanked it from my fingertips. Dammit, I needed that hour. Does this date-time system feel annoyingly primitive to anyone else?
 

Apr 05th, 2004 - I'd rather be doing...what?
So after a crappy weekend, Monday morning came around and it was a struggle to convince myself to put in the energy to prevent the week from being crappy too.

What would you rather be doing?, I asked myself, fifteen minutes after my alarm went off but still without the will-power to get out of bed. What would make you start your week happily?

I couldn't think of anything I'd rather be doing. Taking classes is awesome, work's going well (we have a BBC reporter coming tomorrow, for whom we'll be doing a dog and pony show), I have a First Monday publication coming out next month, my 49x group has their act together, I'm hanging out with friends next week, my room is the cleanest it's been since I moved in, and I was called a "very impressive undergrad" last night. So what the hell's my problem?

Stood up, grabbed some breakfast, threw some clothes on, and biked to campus -- with a stop for a coffee and muffin -- without being late for my meeting.

What would you rather be doing?
 

Apr 06th, 2004 - Fly on the wall perspective of our interview
Despite M2Crypto dying on me right before my demo (colourful language ensued), the interview with BBC guy went fairly well. I think it says something about the number of times we've done this before, that I could tell you what everyone else is going to answer *before* they answer it. Everyone has their catch phrases and catch answers, and we also have a fairly good sense of which of us should answer which questions.

Unfortunately, they always cut out the amusing bits. Highlights are below:

Interviewer: Could you state your name and job title?
Me: Sure. My name is [Catspaw] and I'm.....uh........guys, what am I?
metac0m: She's a code ninja.
Me: My name is [Catspaw] and I'm a code ninja.
Interviewer: Let's just go for the name.
Interviewer: So did you learn anything from those you were helping?
Graeme: No, I make an effort not to learn from people.
Me: Sometimes language is a barrier. I mean, sometimes we visit an Iranian webpage and we can't tell what the content is because we can't read it. It could be a human rights page, it could be porn.
Interviewer: Wouldn't it have pictures you could see if it was porn?
Me: It could be persian text-porn.
Argh! "Persian text-porn"?? That's the lamest answer ever. I deserve to be shot.
Interviewer: Couldn't terrorists use your software?
We all laugh.
Interviewer: What?
NinjaTim: We predicted you were going to ask that.
Me: Everyone always asks that.
Graeme: "Terrorists prefer hotmail."
metac0m: That's our catch phrase of the day.
Interviewer: Oh. Okaaaaaaay....should I not ask it then?
NinjaTim: Oh no. Ask it. We like it.
Interviewer: So I have to ask: Open Source. Any remarks on the Open Source movement?
Everyone looks at Graeme.
Graeme: Don't look at me! Argh! They're all looking at me because I like Windows! Stop it!
Me: We're just providing as much information as possible to the public so that they can make an informed decision about what's happening around them, whether the blocking is a human rights page or --
Graeme: -- or "persian text-porn".
Me: [glaring at Graeme] Yes, or porn.
That persian text-porn thing is gonna bite me in the ass for weeks to come, isn't it?

I think we amuse each other far too much. It probably drives these interview guys crazy.
 

Apr 07th, 2004 - Operating Systems: final remarks
Does it count as cheating to publish links to solutions to problem set questions? Probably. So strike me down for an academic offense, because this course seriously bugged me.

Problem Set #4 Solution Links:

1. Textbook: Exercises 11.13. (20%)
http://www.cs.uni.edu/~schafer/courses/143/handouts/ans2.htm

2. Textbook: Exercises 12.1. (20%)
http://www.cs.purdue.edu/homes/yau/cs354/sol.html (as 11.1)

3. Textbook: Exercises 12.6. (20%)
http://www.cs.uni.edu/~schafer/courses/143/handouts/ans2.htm

4. Textbook: Exercises 14.2. (20%)
http://william.krieger.faculty.noctrl.edu/archive/c2002_03_csc420/homework/hw07.htm

5. Textbook: Exercises 14.16. (20%)
http://www.ece.cmu.edu/~ganger/ece546.spring02/homeworks/exam1solns.ps (as Problem 6)
It took me exactly 82 seconds (timed it) to find these five solutions to the five questions. There's a reason why you don't just hand out questions from the textbook: because it makes it intolerably easy to cheat.

I think that the time that it took for the administration to come up with these questions (flip through the textbook and select numbers at random) was a microcosm of the effort put in to coordinating the course as a whole.

The class average of the last test was 92.18%. The class average of the entire term is 83.5%. As someone whose next-highest class average ever was an English course where the class average was 70%, this is absolutely ridiculous. Especially since almost everyone skips every single class. When the average is this high, it no longer properly distinguishes between the good students and the poor, and the odds of marks being arbitrary drastically increase.

There were show-stopping errors on the midterm, and I can hardly stand to sit in class for more than about 15 minutes without wanting to scream. I was also given a 50% on an assignment due to doing things a little differently than most, which was raised up to an A upon questioning. The classes were painfully slow and painfully dull and I learned absolutely nothing.

I consider this course to have been a total failure. I doubt anyone learned very much, and I very highly doubt that anyone was evaluated very well. I shudder to imagine what the exam is going to be like: I fear that it's going to contain a bunch of arbitrary crap to try to bring down the class average and it'll bring it down by flunking everyone, including me.

I don't even care how I do in this class anymore, that's how bad it is. I've got a 4.0 in that class right now, who knows how it'll end. Accuse me of cheating for the above and give me a D-. I don't care.

I'm pissed off.
 

Apr 08th, 2004 - Published, recognized and stretching
Remember that "Fundamental Issues with Open Source Software Development" rant I wrote back in February, during a fit of anger at GForge? Among all of you who read it (thanks to those who provided insightful comments, suggestions and anecdotes), was someone on the First Monday decision committee who had read it, liked it, and highly suggested that I send the rant in. On a whim ("why the hell not?") I did.

For those of you who haven't heard of it, First Monday is the journal that first published Eric Raymond's famous The Cathedral and the Bazaar, among many other articles on a variety of internet-related topics. This month's issue has my paper. I scrolled up and down along it a few times and whistled. It's not MIT Press and it's not the best thing I ever wrote, but it's a nice start.

Later in the day I had to pick something up from the undergraduate office, having never been there before, and was handed my envelope before I said my name or what I was here for. "You knew my name," I observed (lamely) with a giggle. She nodded and shrugged. "Of course. Why wouldn't I?" I raised an eyebrow and she just smiled. I can't tell if some people are joking. "All the faculty know you. You're more like a prof than a student, anyway", someone else (that thing with the thing (you need a better nickname)) commented later in the day about something else.

Also I maaaaay be writing a 5000 word chapter on hacktivism, possibly with metac0m as a co-author. The catch being that it would have to be written right when I'm supposed to be studying for exams. And that Jason hasn't gotten back to me on it yet ;)

Yay! Life's going well.
 

Apr 09th, 2004 - Serial Experiments Lain
Atomiks lent me a copy of the series on Wednesday, and somehow I've managed to watch all thirteen episodes since then (who needs sleep?). Serial Experiments Lain is an Anime series about...hrm, well it's certainly not easy to explain what it's about. It starts with Lain mysteriously getting an e-mail from a girl who committed suicide. Though self-proclaimed "not good at computers", Lain rapidly develops an affinity for them in an attempt to solve this mystery, and her life gets a little...well...."weird" is putting it lightly.

Here's the opening credits [23MB] (required: DivX and speakers turned on :) ). It's worth the download time!

I give Lain two enthusiastic thumbs up. It has a very different feel than my last Anime series of choice, Noir, but is equally artistically stunning, although it's a very different style. The characters are captivating and the plot is perfectly intense (though it takes some getting used to).

And thanks to the series, the buzz of electricity in my room now creeps me out.

I wouldn't recommend Lain to everyone, but to those of you who are nearly as weird as me (it's good to strive for something ;) ), and who can appreciate a series for its visual style, it's certainly worth picking up. And everyone should see the opening credits.
 

Apr 11th, 2004 - A day with the 49x team
I spent all day yesterday with my CSC49x team in an attempt to take the individual fragments that I had them write, and create some sort of one-voiced report. My idea was that since they all have very different, um, styles of writing, that if we put it all together as a group, it'd be a way to make sure it was of very high quality, but without having me do all of it.

There's one strong inherent problem with taking a group of the most talented students in the department and lobbing them all together: egos are very high and easily wounded. I also can't teach them how to be diplomatic editors in the short amount of time we have. My one-on-one editing sessions with each of them went very well (we were both happy with the product) but I wanted to try to spread the load more evenly and as soon as others got involved, tensions began to rise.

If I pulled back and just listened, within a minute I was called in to referee:

"That sentence doesn't make sense. You're missing your prepositions."
"So tell me where to put them."
"Put a 'with' there....you're not typing it! Type it. A 'with' goes there."
"I want to see what else you're going to change first."
"Just type it! Your grammar's all messed up."
"I don't think you know what I'm trying to say. You have no idea. You never used this part of GForge."
"I do, now write what I'm saying!"
"You don't understand!"
"[Catspaw]!"
"[Catspaw]!!"

You're accidentally taught very early in grade school that the only way to get a good mark on a group project is to do all the work yourself. Everyone knows this. But at the Lab we seem to be able to fragment the workload and reassemble it very smoothly and effectively, so I know that that's possible too.

I can see in the eyes of my teammates that they'd rather not have the others being so difficult -- correcting parts that seem so inconsequential to them. It's producing good stuff, it's just going obscenely slow when I don't play supreme over-lord and instead let everyone contribute what they have to say (and there seems to be a lot of that).

So when do you draw the line and say "screw you guys, this is taking way too long and just making everyone unhappy. Just send me what you have, I'll edit everyone's, and send it back and then write all the global stuff myself and put it all together" ? Is it really worth all this trouble just to keep everyone involved?
 

Apr 12th, 2004 - Fundamental issues with "fundamental issues with open source software development"
Somehow I'd forgotten that with publication comes public criticism, and I don't think I had mentally prepared myself for it. A week after my First Monday article went out, I've received over a dozen e-mail messages from various people who had something negative to say.

"Ouch," I cringed after the third or fourth spat strong insults, pulling no punches.

I'm not sure why they bother me so much. I've read each of the insulting ones at least five or six times over. There are no points that I consider valid enough to threaten my argument, but I still, illogically, am suffering from their sting.

There were some positive messages too. "I have great respect for your excellent paper." Normally these would have me floating around happily for days, but they got moved out of my Inbox after the first read. The angry ones stayed. The angry ones get reread. And I'm not sure why.

I haven't responded to any of them because I have no idea what I'd say. I'm not sure if I should explain to them why their points only further my own and their stubbornness only contributes to the problem. What I really feel like saying to them is: "I didn't write it to offend anyone and I didn't write it to hurt you. I have no doubt that you're doing great things, contributing to the open source movement. I wanted to help, not hurt. Please don't be upset." But it feels like a ridiculous instinct to have. I guess I just hate the idea that something which I wrote could be having a negative effect. It feels like the opposite of what I wanted.

"You're going to be big one day," someone told me today. "You're making a lot of friends and a lot of people are starting to really respect you. But for every few friends you make you're going to make a few enemies. And one day when you're really big, with tons and tons of admirers, you will have many people who don't like you. And you're going to have to learn how to brush them off and not take them too seriously."

I shudder at that thought. But I can't imagine saying anything worth saying and not having some people get upset by it. I guess I'll just have to learn how to handle it better. How to keep the praise in my Inbox and delete the criticisms. Sounds easy. Feels hard. As for now, I can't stop rereading them.

Ouch. *sigh*
 

Apr 13th, 2004 - Ostrich
Hundreds of e-mail responses came flooding in as Slashdot picked it up. Two boxes (including one I sys admin) went down just because they're high on the google search for my name.

I need to go find a hole to hide in for a few days.
 

Apr 15th, 2004 - Lessons Learned
If you don't learn anything from your experiences, you're a waste of air. This also applies to getting hate mail, I suppose. Now that the e-mail flood has slowed to only one message every hour or two, I decided to take some time this morning to examine what everyone had to say.

Stats
Number of e-mails: 207
Number of slashdot comments: 788
Number of google results: 659

Opinion
Number of e-mails focusing on praise: 62
Number of e-mails mostly positive with some criticisms: 103
Number of e-mails focusing on disagreement: 37
Number of e-mails that had more angry exclamation marks than English words: 5

Seeking permission/further info
Number of languages people offered to translate it into: 3 (French, Farsi and Spanish)
Number of requests if someone could use it in a review/their own article/etc: 10
Number of requests for an interview with me: 6
Number of requests for a copy of the documentary: 9
Number of requests if I'm single: 2

Content
Number of e-mails that I should have used specific examples: 60
Number of e-mails that say I should have brought up other issues: 32
Number of e-mails that say I should have chosen one issue and done it comprehensively: 37
Number of e-mails that said they liked the whole thing but hated the OS X comments: 20
Number of e-mails that specifically mentioned liking the OS X comments: 21
Number of e-mails that say I brought up nothing new: 45 (plus me, makes 46)

Misc
Number of e-mails that say something like "I'm sure you're getting tons of hate mail": 112
Number of those people who follow it with something like "but they're wrong": 94
Number of e-mails that say they wanted to write the same but were too lazy: 21
Number of e-mails from people worried that Project X was their project: 7
Number of e-mails that offer me a job interview: 3
Number of e-mails that refer to me as a prof: 14
Number of e-mails that asked where they can read my other articles/books/etc: 31 (my other what?)
Number of people who submitted it to a mailing list they know I'm on: 1
Number of people who submitted negative feedback to a mailing list they know I'm on: 1
Number of profs I now love because they contradicted the above on the same mailing list: 1

Priceless
Number of e-mails that use the phrase "Your article was flaming dog poo!": 1
Number of e-mails that use the phrase "You are a zealot!!!!!!!!!!!!!": 1
Number of e-mails that use the phrase "I would marry your article if it was a chick": 1
Number of e-mails that use the phrase "Stallman is rolling over in his grave": 1 (they killed him??)

Now that stats have been gathered, it's time to think this through. I know some things I would have done differently if I had known it would get this much attention (namely: more disclaimers), but I also think that there's more to learn than just that. Anyway, this is the last you'll hear of this article from me (I'm sure everyone's sick of it ruling my blog for the past few days), but I at least wanted to share the above.
 

Apr 16th, 2004 - Obstruction of justice
I lied to a pair of cops today. I'm not sure why I did, nor am I certain that I would do the same thing again if I were given more time to think between the choice and the action. Here's what happened...

It's starting to get warm out, so I was walking home slowly this afternoon, taking several detours. My meanderings eventually led me to a small park between Dundas and Queen, next to Bathurst. When I reached a park bench, I stopped to re-shuffle the items in my backpack, in an attempt to stop the corner of my backpack from jabbing into my side. Sat down, flung the backpack onto the bench, and began to sort through it.

The park was virtually silent otherwise, so I noticed the running kid almost immediately. We made eye contact and he shouted "don't tell them I'm here, okay?" as he jumped into some tube thing at the playground.

Some game of tag with a bunch of other kids, I figured.

If I had to guess, I'd say he was around 11 or 12 years old. Not a little kid, but certainly still a "kid", and a normal looking one at that. The only reason why I bothered to give his hiding any thought at all was his eyes: very bright green, like those of another kid who is on a poster on my wall.

I'm not sure exactly how much time passed. Anywhere between 8 seconds and a whole minute but it's hard to say.

Two cops on bikes came riding into the park from the same direction that the boy had run.

Did I wonder if they had anything to do with each other, or did I just insert the memory of wondering that after the fact? I'm not sure. But they stopped when they reached my bench -- quickly, hurriedly, slamming on the brakes of their bikes.

"'Scuse me miss, did you see a boy run past here?"

He was close enough, in that tube thing, that he would have been able to hear them. Probably absolutely petrified. Although I'd heard the question perfectly, I said "pardon" to buy myself an extra three seconds as the cop repeated the question. What had this kid done? What should I do? How do you try to figure something like this out when there's nowhere near enough time to think?

"I'm sorry," I said, "I wasn't really paying attention. Didn't notice anything."

They mumbled something to each other, and biked off quickly, splitting up in two different directions once they hit Bathurst: one going south and the other taking a side street.

I didn't move. I stayed on my bench. I pulled out a sheet of paper and drew several circles and triangles on it. Looking busy for an audience that didn't exist. Perhaps two minutes passed.

The boy crawled out from his hiding place and ran in the direction he came from (opposite from where the cops went), looking over his shoulder, and quietly said "thanks lady" as he ran past me.

It was probably shoplifting, I decided on the rest of the walk home. It wasn't my place to play judge and jury and decide who gets caught. So I'm not sure why my instinct reacted the way it did. He was just a kid. He turned a corner and disappeared beyond my view into the busy streets.

Somewhere in Toronto is a boy with bright green eyes, a grey sweatshirt and a pair of jeans, who was lucky that it was me there today.
 

Apr 17th, 2004 - Getting life back in order
It's 10 pm and still warm enough outside that I can walk to the grocery store and back without needing a jacket. I'm sitting back, legs up on my desk, sipping a cup of chai tea (thanks to Mud for making me some of hers), listening to St Germain (thanks to Kenny for reminding me why I should get the CD), and casually making the final spelling corrections to my 49x group's report. Any more relaxed, and I'd be asleep.

Life is sweet.
 

Apr 18th, 2004 - Again??
Those who know, know. Those who don't, I ain't sayin' it.
 

Apr 19th, 2004 - Accessibility for the three armed vision impaired
If you're using OS X, it has a zoom accessibility feature for the vision impaired. Unfortunately, when you're typing something, it doesn't follow your cursor. Instead it follows your now-static mouse pointer.

So within two or three seconds, the zoomed screen is no longer focused on the text you're typing, and you're forced either to keep moving the mouse, or to just type everything and then look it over for typos, etc. This seems like a huge implementation oversight to me: how hard could it be to have it follow the cursor while you're typing? Yet this probably never would have occurred to me, had I never met Arun.

Last week I had the pleasure of hanging out with Arun Blake who, earlier that day, had been trying out some of Steve Mann's eyetap equipment. (Jason took some awesome photos of that event.) When Arun uses his laptop, he uses the OS X zooming feature, but has to keep one hand on the mouse and can only use one hand to type.

"It really is annoying! It slows me down so much!" he exclaims when I mention it. "Why can't they make it follow the cursor?"

I told him that I didn't know why. But I've been asking around since then. All the Mac gurus I talk to tend to look surprised that this is how the zoom feature is implemented until they're shown a demo of it.

So the question is this: How hard would this be to fix?

Obviously this is tied closely with the Mac UI, which is closed source, but could a third party application fix this? Emulate the mouse moving to where the cursor goes? Just move the zoomed screen? Is this even possible, or is it something that Apple would have to implement? Heh, sounds a bit like a future 49x project to me. But who knows how easy/hard it is. Do you?

 

Apr 20th, 2004 - Sometimes I know myself too well
Over two years ago, I wrote up a list of exam emotional stages that I always go through each year. I've found that it's frighteningly accurate. Old insanecatsers should be used to this speech by now, since every year I take you all through each of these stages as I jump from one to the next. This year isn't going to be any different.

Right now I'm monkeying around in Stage 3. I've done some studying today...but it was done with heavy reluctance and was mixed with a lot of movie watching, napping, and general complaining. I'm not looking forward to the next Stage, however, since it's about as awful as life gets (with the exception of Stage 6, which is just pure misery).

Apr 28th - Operating Systems exam: my first exam. Apparently it's going to be heavy on obscure definitions from the textbook, and light on actual content. "No programming, coding, or anything too technical", says the prof. Cue the sounds of Catspaw sobbing from the back row.

Apr 29th - Global Networks exam: yes, the next day. I'll read over the class notes once or twice and then head in to the lab and get into a debate about something with graeme and metac0m until I've got a full reserve of brilliant political arguments. That strategy worked for the midterm. And when in doubt, almost every possible essay topic can be brought back to one of information warfare, hacktivism, or cyberthreats (three of the topics of the course), and then I'm home free and have more than enough content to rant about until my fingers start to bleed.

May 5th - Computational Complexity and Computability exam: almost a whole week in between. I'm still not sure how you study for something like this. I think I'll read over the notes, make sure I understand everything, try a few practice problems, and then ensure that I've got the exact right dosage of caffeine for being brilliant under duress. My only (but major) problem with this course has been a lack of confidence. I keep erasing correct answers and replacing them with wrong ones. That can be fixed with a little practice.

And, cuz I took the project course instead of Numerical Methods, that's it for exams. Life then quickly slips into organizing Open Source conference slav^H^H^H^Hvolunteers, and then work begins for the summer. Oh, of course sometime during all the above I need to find time to write a book chapter, get my citizen lab code into reasonable order, and do a million other things. Life would be too easy if all I had to do was study.

Note to self: maintain a healthy sleeping schedule.
 

Apr 21st, 2004 - How do you teach secure coding?
This is a question that I hit half a dozen years ago and that I still haven't been able to solve. My first experience with trying to teach computer security was my attempt to explain to a group of imp-wannabes how you go about looking for exploits in moo code. I gave them a list of common "cheap tricks" to look for (anything +w, +x verbs that shouldn't be, verbs with 'any' in the args that you can maliciously treat as a 'this', +x verbs that use player as a security check, etc.) and was surprised at the result. They proved to be excellent at following my tips, but seemed incapable of finding the next few steps on their own.

It was like I was teaching a group of little SHRDLUs: they could follow direct instructions but their knowledge wouldn't scale up. That was the first lesson I learned on how to teach computer security: simply giving them a list of security vulnerabilities wouldn't teach them how to find new vulnerabilities and wouldn't teach them how to ensure their code didn't contain other problems not on that list. Their knowledge would only be as comprehensive as the list; they wouldn't gain a skill-set. Another method of teaching would have to be found.

My next experience came from trying to explain more complicated programming flaws to various programmers. These were skilled programmers who were very fluent in the language. I would point to the line of code that contained the vulnerability and found, surprisingly, that they couldn't see how it was a problem. So I'd help them trace backwards along the function calls and inadequate security checks, and I kept finding that I'd lose them along the back-trace, before we got to the point where a user could enter malicious data.

"It's just like debugging," I remember explaining to one of them. "When your program borks, you have to trace your variables backwards to try to figure out what values they would have at that point in time by keeping them all in your head as you work your way backwards." (No one had ever taught me that debuggers existed, at that point in time.) What really stuck with me was the response by one of them: "With debugging you just go forward in your code, though. Here you're wanting me to go forwards and backwards at the same time. I can't do that."

If I showed them the malicious input, they were very capable of tracing it forward through the program until they hit the vulnerability, and then were able to recognize what made it a vulnerability. But starting at the vulnerability and working back to figure out what input could reach it seemed to confuse them. Never mind determining whether a given line is vulnerable in the first place. And yet this is how exploits are found. So how do you teach this?

For others, this sort of thing seems to come very intuitively. It doesn't seem to be related to one's knowledge of the language or system being examined (though a certain amount of knowledge is necessary before anything can be found). Nor do those who can find these problems necessarily write secure code themselves.

Regardless, I want to try to figure out what it is that makes this so easy for a "lucky" few and so difficult for everyone else. What is it that they're doing? I'm far too deep in my own head to examine my own processes, so I've started paying closer attention to those around me who can do this. Hoping to try to figure out what they do, so that I can teach others to do it too.

I have a feeling that computer security is going to be a topic on my plate for a very long time to come. I've figured out ways to teach network security, cryptography, and most of the rest of "computer security". Want to learn how to write a man-in-the-middle attack against SSL? I've got tons of examples, analogies and explanations just waiting to be shared.

I would be much happier if I could figure out a way to do the same with secure coding.

 

Apr 22nd, 2004 - Grad school
Ever since I decided to take an extra year to get this degree, the number of entries where I'm freaking out about grad school, in some form or another, has dropped dramatically. That being said, I think I'm still entitled to one every so often, and I'm long overdue.

What the hell am I going to do after undergrad?!

I've had repeated to me so many times that doing my graduate studies at UofT would be a bad idea, that I'm beginning to feel a little bit like I slipped into a Huxley novel. The reasons seem to be two-fold, both of which are valid arguments. One, it's typically not seen to be a "good thing" to get all three degrees from the same institution. Two, by the time I hit grad school I'll already own [1] UofT and won't learn nearly as much as I would if I were parachuted into a new setting where nobody knew me or anything about me.

So that leaves me...where, exactly? I'm not certain I could go anywhere much smaller than Toronto without going insane [2]. I also don't think that I'm qualified to get into one of the "big name" universities for comp sci, like MIT or Stanford. I wouldn't mind going someplace on the other side of the world -- Japan, Australia, one of those -- but I certainly don't plan on choosing a university simply on the criteria of it being far away.

What are you interested in?, is usually the next question asked by profs offering advice. My verbal response is always "computer security, programming languages, collaborative virtual environments, hacktivism, and the pedagogy of computer science" [3]. This is always accompanied by my unspoken response of "fuck, I dunno. If I knew, I wouldn't need to ask you for advice, would I? I could just use google to browse for the best universities for that topic, couldn't I? Sheesh."

There's far too much I want to do. Picking a specialty feels like cheating on all the other fields I'm interested in. I hate narrowing myself. For those of you who went through grad school: how did you choose?

[1]: own as in "I totally 0wnz u" or "This game pwnz!"

[2]: The exception to this would be if I were to go somewhere with an entirely different culture than what I'm used to. Then it wouldn't matter so much if I were forced to live in a homogeneous community, so long as it was a different experience. I guess what I'm saying is small white-town is out. Multiculturalism is strongly preferred but not required.

[3]: I can spew this phrase similarly to how I spew the various phrases to commonly asked questions like "What's it like to be a female in computer science?" or "What is hacktivism?" or "What are you making us for dinner tonight?"
 

Apr 23rd, 2004 - Insanecatsers
With 423 unique nicknames having commented on over 500 insanecats entries, I decided it's time for some random statistics about you guys. (Truth moment: yeah, okay, you guessed correctly -- I'm just trying to find anything to do other than studying.)

Apparently I'm the number one insanecatser, having made 298 comments. Other than me, those who have made over 100 comments are: Mud (285), flaps (212), fLufFy (210), Rappie (168), Damnal (161), Lao (137), Lou (115), Cecil (115) and Omni (101). Yay you guys. You will all be winning the reward of feeling lame.

Runners-up with over 50 comments are: Ender, Brin, Rozz, Claudia, SR, Jason, salvo, KC, CPwr, Joe Chip, anon, and CSC Student.

Total number of entries: 533
Total number of comments ever: 3263
Total unique nicknames among commenters: 423
Total number of insanecats boxer shorts purchased: 4
Number one commenter who I've only talked to online: Damnal
Number one commenter who I've never talked to at all: Rozz

Everyone who's not on the wall of fame yet had better get their ass in gear and start contributing to the community. Stop being so selfish.
 

Apr 24th, 2004 - Where are the fireworks?!
It's no wonder that "endings" always feel so anti-climactic in real life. We're used to movies, books and tales where endings are glorious, dramatic feats. Real life can't compete with that. And so everyone is left wondering why they always feel so let down at the end of a stage of their life. What they were really looking for was a scene worthy of having the credits roll at the end.

On the last day of Grade 8, when the bell rang, we all went running into the yard and went our separate ways home. It never even occurred to me that there were several people, whom I'd known since we all joined the same school in Kindergarten, whom I would never see again. A friend and I sat in the tree in my backyard, from which (if you climbed unreasonably high (which I always did)) you could see our elementary school. We just sat. It was an odd anti-climactic moment, but neither of us knew how to express what was missing.

Later, I mentally erased that moment and replaced it with a memory from a few weeks prior: all my friends and I running around in our school's yard, late at night, in the middle of a rainstorm. We'd stolen a box of sugar cubes from the staff room (I know -- I simply glow of maturity) and were eating them by the handful. We laughed until we couldn't stand. And when we all went home that night, the goodbyes really meant something. That was a much better ending.

A bunch of my friends graduated from undergrad this year. I keep hearing the same complaints from them: "that's it?" It's oddly unnerving to know that when you leave, the same profs will be teaching the same classes to just another group of students, and the academic industry will keep churning out new undergrads to be processed just like you were. "It's a big deal to me," one sighed, "but no one here is going to notice that I'm gone. Classes just ended, and that was it. Ended the same way they did every year."

Our project course did it much better. Greg had us all meet for one last dinner. It was a good chance to feel like there was some sort of conclusion (much better than most other endings out there). At the very end, the group divided in two (half going east, half going west) then two again (north and south) then two again, until eventually everyone went on their own individual way. "Have a good life, okay?" I grinned at the last one to part with me. "Don't kill anyone." "I won't."

My hair is pink again. The first day it was this colour was the day I set up the GForge box for Greg. It somehow felt right to end it in this colour too. I may be inclined for the over-dramatics, but it suits me well. I like ending with fireworks.

BAM!
 

Apr 26th, 2004 - Proxyherd
I came up with the name while trying to get a pair of Saudi proxies to cooperate long enough for me to demonstrate some filtering results with them. Proxyherd: "One who herds, guides, and tends proxies." It's perfect.

"You gotta be careful with them," I was explaining when the term came to me. "Some of the proxies are easy to kill if you send too many requests through them at once. Others are a lot stronger but may not be as quick. You start learning their personalities. Some stick around for months, and others may only be around for a few hours and then you'll never see them again.

"You develop some favourites and learn which ones behave normally and which ones have their own filtering that makes them different. You usually want to get proxies that behave as normally as possible, but it's also good to find some that don't censor anything, and some that block absolutely everything. You never know when you might need those."

I feel like I should be chewing on a blade of grass, sitting on some fence in the middle of a field, while I explain all of this. On the other hand, that's the appropriate setting for a shepherd. Perhaps it's fitting that I explain it with a keyboard in my lap and coke can in my hand. If I was wearing my "I read your e-mail" t-shirt that Graeme borrowed from me, I'd be in a classic proxyherd pose.

"How do you figure out their personalities?" the guy I was demoing to asked.

"You use them for a while. Visit the usual suspects and see what they do about it. Blockpage? 200? 404? 503? Redirect? You do some research on them -- whois and nmap. You run them through rTurtle a few times. It's just a feeling that you get. The thing is though, the behaviour out there is so erratic that you'll never find a perfect group of proxies. You've got to find a way to work with the difficult ones. Maybe run the tests several times and use an average, maybe scale way back on threads, or maybe just use the few good ones you find. But you'll never get an ideal testing."

Now I know exactly what to call what it is that we do when we search for, collect, and test with, proxies. We're proxyherding.
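The personality-spotting the post describes, as an added example (not the blog's or the project's code): classify each response a proxy returns on repeated visits to the test URLs, then label the proxy from its aggregate behaviour across runs. Proxy names, URLs, responses and the block-page phrases are all constructed or assumed.

```python
# Added example, not the blog's code: classify proxy responses from repeated
# test-URL visits and label each proxy. All names/URLs/phrases are constructed.
from collections import Counter, defaultdict

BLOCK_MARKERS = ("access denied", "blocked by policy")  # assumed block-page text

def classify(resp):
    """resp is None (timeout/dropped) or a (status, body, location) tuple."""
    if resp is None:
        return "timeout"
    status, body, location = resp
    if location or status in (301, 302, 307):
        return "redirect"
    if status == 200 and any(m in body.lower() for m in BLOCK_MARKERS):
        return "blockpage"  # a 200 that is really a block page
    return str(status)      # "200", "404", "503", ...

def summarize(observations):
    """Aggregate (proxy, url, resp) triples from several runs per proxy."""
    per_proxy = defaultdict(Counter)
    for proxy, _url, resp in observations:
        per_proxy[proxy][classify(resp)] += 1
    result = {}
    for proxy, counts in per_proxy.items():
        total = sum(counts.values())
        answered = total - counts["timeout"]
        blocks = counts["blockpage"] + counts["redirect"]
        if answered == 0 or counts["timeout"] / total > 0.5:
            label = "fragile"            # dies under load: fewer threads, or drop it
        elif blocks == 0:
            label = "open"               # censors nothing: keep as a control
        elif blocks == answered:
            label = "blocks-everything"  # also worth keeping as a control
        else:
            label = "filtering"          # the interesting, normal-ish case
        result[proxy] = {"counts": dict(counts), "label": label}
    return result

SAMPLE = [  # constructed: 3 proxies, 2 test URLs, repeated runs
    ("proxy-a", "http://example.org/", (200, "<html>hello</html>", None)),
    ("proxy-a", "http://example.net/", (200, "Access Denied by policy", None)),
    ("proxy-a", "http://example.org/", (200, "<html>hello</html>", None)),
    ("proxy-a", "http://example.net/", (302, "", "http://filter.invalid/")),
    ("proxy-b", "http://example.org/", (200, "<html>hello</html>", None)),
    ("proxy-b", "http://example.net/", (200, "<html>news</html>", None)),
    ("proxy-b", "http://example.org/", None),
    ("proxy-c", "http://example.org/", None),
    ("proxy-c", "http://example.net/", (503, "", None)),
    ("proxy-c", "http://example.org/", None),
]
```

Running `summarize(SAMPLE)` averages over the repeated runs, so a single dropped connection does not turn a good proxy into a "fragile" one.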
 

Apr 27th, 2004 - Volunteer wrangling
The Open Source conference is swiftly approaching, and I'd really like a preliminary volunteer schedule out within the next day or two. The only problem with what I want is that I'm the one who has to make that schedule, and I have an exam tomorrow and another the next day.

I have an e-mail folder stuffed with volunteer forms, and I have another dozen in paper format somewhere in the mountain of paper that has consumed my desk. Person A doesn't want to work with Person B. Person C will only volunteer if they can do so with Person D, but their schedules don't overlap. I wish that the "who do you want to work with?" question had never been placed on the form. I've learned a new lesson: provide as few choices as possible or people will begin to think that those choices that you provided are a right.

It's also incredible how much needs to be done by volunteers for a conference like this. From putting registration kits together, to manning refreshment tables, to selling passes on site, to providing tech support for the speakers, to manning the webcast cameras, to putting up signs, to answering attendee questions, to monitoring posters, etc etc. The list goes on. In my head I can picture how to make it all go extremely smoothly, but what I need is an entire day to plan it.

I also need the day to study. I'm frighteningly unworried about my operating systems exam tomorrow ("it'll be arbitrary crap so who the hell cares?"). I've learned before that this attitude is quite possibly the worst one to approach an exam with. Even slightly worse than the "So they think psychology can explain mental imagery, do they? I'm gonna Pylyshyn their ass from here to next week..." attitude that I entered the PSY270 exam with.

Read a few pages from the operating system textbook, work for a few minutes on volunteers. Lather, rinse, repeat.
 

Apr 28th, 2004 - Nothing.
Sometimes there's nothing to say that you don't mind having the whole wired world hear. But I don't like it when empty blog days stare back at me.
 
