Privacy as a weapon

Remember the bogus bomb threats at the University of Pittsburgh? Apparently they were sent by email, anonymously, through a system called Mixmaster. The email passed through a computer in New York, which the FBI seized in April.

Now it is natural to wonder why we even have such things. Why is it OK for people to send email anonymously when it can cause such mayhem? Here’s what the computer’s owners have to say about it:

Q: Doesn’t Mixmaster/anonymous remailers enable criminals to do bad things?

A: Criminals can already do bad things. Since they’re willing to break laws, they already have lots of options available that provide better privacy than mixmaster provides. They can steal cell phones, use them, and throw them in a ditch; they can crack into computers in Korea or Brazil and use them to launch abusive activities; they can use spyware, viruses, and other techniques to take control of literally millions of Windows machines around the world.

Mixmaster aims to provide protection for ordinary people who want to follow the law. Only criminals have privacy right now, and we need to fix that.

All this is true, up to a point. Criminals have actually done all those things. It is also entirely plausible, though, that the particular culprit in question chose Mixmaster. Shortly after that server was seized, the bomb threats stopped.

My thoughts about privacy have changed. I used to think this:

People who keep secrets have something to hide.

I understood at the time that it was a simplistic truism, but it seemed useful anyway. But it’s not useful, because:

People who wear clothes have something to hide.

See? It just doesn't work. Here is what I think now:

Everyone has something to hide from a sufficiently reprehensible adversary.

It doesn’t trip off the tongue quite as lightly.

The FBI in this case was presumably acting with the best intentions, but many governments around the world are plenty reprehensible. Privacy cuts both ways. The ability to track down a miscreant sending bogus bomb threats is exactly the same thing as the ability of an oppressive government to track down activists and rebels and kill them. This is a real concern in some places, and people in those places have to use secure systems that protect their privacy or else give up the fight.

I do think it’s good to have some form of technological constraint on government surveillance, in addition to a reasonable system of checks and balances (requiring warrants for wiretaps, for example). Tracking people down and finding out every detail of what they’ve been doing should be hard. If it’s not, the government will eventually just track everything we do.

People who work on privacy and censorship-circumvention software have already shifted to building systems where there’s no central equipment to seize. Systems like Tor. Governments still have ways of attacking such systems, technologically and otherwise. How governments have tried to block Tor is a startling and absolutely fascinating 2011 talk about this. Watch the first five minutes of that.

One last thing. Anyone in the U.S. will recognize the “Criminals can already do bad things” quote as an argument against gun control. Whether it’s anonymity or a handgun, powerful tools have both offensive and defensive uses. Giving everyone such power is dangerous. Taking this power away from the people is dangerous.

Four hours

On Sunday I had the pleasure of introducing a C/C# programmer to Python.

I always tell people it only takes 4 hours to learn Python, and I say it because it’s true. But when I actually see someone pick up a whole new language from scratch, port some existing scrap of C code to Python, learn where the documentation is, set up virtualenv, and write a web app that sends somebody a text message, all in four hours f’real wall-clock time, well. It gets me right here.

When I was interviewing for Mozilla, Mike Schroepfer asked me two questions. (I bombed them both; to this day I have no idea why they hired me.) One was something like: why is it that dynamically-typed languages can be so much more productive than statically-typed languages? I mumbled something inane about not having to write out the types. Worst answer ever, and I knew it.

It was especially chastening because I had spent a lot of time thinking about it, apparently without drawing any insightful conclusions.

The question seems a little passé to me now, but only because about a decade of my life was a fantastically stupid flame war over that one thing. Not because we really finished with it.

I wonder if we could have a better discussion about this now that we’re all grown up. Maybe I’d have something intelligent to contribute now.

Time travel

In the garden-variety time travel story, there is a single, fully logically consistent timeline. Trying to change the past is futile. There can be no change. You can be the proximate cause of whatever actually happens, if that’s your thing.

Of course it is never quite clear why nothing could be changed. It just happens that nothing changes, however mightily the characters strive to change things, as if by coincidence. Or Fate is watching—but why is watching enough? Doesn’t Fate actually have to intervene somehow to make everything line up?

It occurred to me once that there could be a possible physical theory to explain this, using fixed points.

I’m not surprised that someone already thought of this. I’m a little surprised that it was Richard Feynman, in a paper titled “Classical electrodynamics in terms of direct interparticle action,” back in 1949.

The Stanford Encyclopedia of Philosophy’s entry on Time Travel and Modern Physics, section 3, explains all.

A bit more about the library

Nashville hack day happened Saturday and it was awesome. Click the link—every single talk was great, and that page has slides, links, source code, etc. for all of them.

Mine was on sorting and searching at the library.

The talk starts out talking about what happens if you take a book off the library shelves and put it back in the wrong place. When I wrote it, I got curious, so sent email to the library, asking:

Hi, I have a few questions about the library system.

1. How many books are in the library system?
2. Do you ever take a full inventory of the library, scanning every book on the shelves?
3. If not, is there any other way to know if a book is missing? (that is, the catalog shows it as Available but it's not actually on the shelves in the right place)
4. If you do track missing books, how many are missing right now? How long does it usually take for them to turn up?

I'm not planning a book heist. :) I'm preparing a talk about information technology and libraries for a local event for software engineers.

Engineers are always interested in “failure modes” -- that is, what happens when something goes wrong.

I didn’t get the response in time to change the talk, but the library sent me email this morning with these answers:

1. There are 1,629,308 items in the collection.
2. No, we do not do a complete inventory of our entire collection.
3. We do monthly weeding (de-selection) reports for items that haven't circulated in 1-2 years and that usually catches most missing items. We cover almost the entire collection within one year. However, we also will do a system-wide ILS report and change items automatically to missing status in the computer that haven't circulated in branches in a very long time. We also do this for items stuck in transit mode between locations for a long time.
4. We do not track missing items at a level that will provide us with statistics like return rate. Anecdotally, however, it is rare that missing items are located again. They are usually missing because of theft.

(I’ll just note that the way they actually track missing items means they wouldn’t detect items that are only misshelved for a month or two. There might be a lot of them. I find two or three every week.)

Anyway, the talk was picked up on Reddit programming and got some wonderful comments. My favorites:

• “My high school did a volunteer day where we took our entire class year and spent an hour in a class learning how they sort the library books, then sent us each to a section to go through, find misplaced books and put them back in order. It took 2-300 of us ~5 hours to sort all of the library.” –Kimano
  
  
• “This posting reminds of when I visited a warehouse that had automated storage and retrieval of items from the warehouse.
  
  “One of the cool things that had to happen periodically was essentially the real-world equivalent of defragmenting a hard disk. If you think a hard disk is slow, imagine how slow it is to physically move pallets and cartons!” —grandzooby
  
  
• “The reason we can insert books in a shelf is that there are some gaps distributed between books, and insertion shifts a couple books around to make space. Insertion sort is O(n log n) is a fun research paper that describes a similar way to organize data in arrays, with enough bogus elements (gaps) for insertion to be logarithmic time, but not so many that binary search is super-logarithmic.” —phkuong
  
  

And several folks linked me to ShelvAR, a super-cool augmented reality app for keeping library books in order. (Incidentally, those guys seriously need to cheat to get higher apparent performance!)

Hack day was so great that I can’t wait to do another one.

Why I am not a teacher

(This is in response to Why CS graduates don’t teach which didn’t sound quite right to me.)

Why don’t I quit my job and become a teacher? I’ve thought about it, but

• Money.

• It seems like public school teachers have to spend a lot of time just fighting active sabotage—whether it’s the legislature, school boards, textbook publishers, administrators, parents, students, other teachers, etc. In a lot of these stories everyone comes off badly. I hate politics.

• I’m used to being empowered to make whatever changes are necessary so that I can do my job. Teachers can’t even begin to do that. They don’t control the curriculum, class sizes, external interruptions, disruptive students, prerequisites, and most importantly they have no control over the goal (test scores). It sounds awful.

• There’s a major “classroom management” component of teaching that I would find stressful and probably unrewarding. I don’t expect I’d be any good at it either. (Money aside, this is the biggest sticking point. I probably just can’t do the work.)

• Here in Tennessee, to teach in a public school, I would have to enroll in education courses. This isn’t a huge deal, but it’s basically a lot of unpaid overtime and I’ve never heard anybody say anything nice about that kind of part-time program. Maybe I’d be pleasantly surprised. (Go on, tell me I’d be pleasantly surprised.)

Bottom line, being a programmer is easy: it’s mostly just programming. I love teaching more than I love programming. If being a teacher were mostly about teaching, I might have to give it a shot. I wish it was. But it’s just not.

…Is it? Go on, tell me it is.

Friar Tuck’s theorem

“Well, then, good fellow, holy father, or whatever thou art,” quoth Robin, “I would know whether this same Friar is to be found upon this side of the river or the other.”

“Truly, the river hath no side but the other,” said the Friar.

“How dost thou prove that?” asked Robin.

“Why, thus;” said the Friar, noting the points upon his fingers. “The other side of the river is the other, thou grantest?”

“Yea, truly.”

“Yet the other side is but one side, thou dost mark?”

“No man could gainsay that,” said Robin.

“Then if the other side is one side, this side is the other side. But the other side is the other side, therefore both sides of the river are the other side. Q. E. D.”

“’T is well and pleasantly argued,” quoth Robin; “yet I am still in the dark...”

—from The Merry Adventures of Robin Hood by Howard Pyle

Understanding a place

Involuntary blockquote:

I’m here, talking to you about talking to rocks, partly because a volcano blew out sideways, and fifteen years later, I turned to look at another volcano I’d known my whole life and saw the same lateral eruption rip it apart thousands of years in the past. “What happened to me,” St. Helens said, “is exactly what happened to them. Your San Francisco Peaks were a peak before that day. Oh, and it would’ve been a really bad idea to stand where you’re standing now, what with the lahar and all.”

I just stood there with my jaw agape, looking from the lahar deposit to the gash in my beloved Peaks, sputtering the occasional overwhelmed expletive as the thrill of realization and the enormity of what had happened pinned me to ground that was perfectly safe for the geologic moment.

This is what I want to give you, my dear readers: the indescribable euphoria that comes from understanding a place for the very first time.

—Dana Hunter (@dhunterauthor), introducing her new blog, Rosetta Stones.

FBI

Andrew Weissmann, the top lawyer at the FBI, says the Supreme Court made a distinction about the Fourth Amendment, which guards against unreasonable searches and seizures, ruling that computers that follow suspects are much more intrusive than people doing the same thing.

“The court essentially is saying that you have an expectation of privacy even though if it was done by humans there would be no violation,” Weissmann says. “But because it's done by machines, it is.”

I guess I should read more about this decision. I mean, on the one hand, it seems to me there’s a pretty obvious practical difference that is going to affect the number of people the government ends up tracking twenty years down the road (in an “all of them” vs. “not so very many of them” sort of way). Not to put too fine a point on it, but if there weren’t a real difference, the FBI wouldn’t be bitching about the decision. On the other hand, yeah, the Fourth Amendment doesn’t seem to be drawing that kind of distinction. So hmmm.

“And the problem with that is that a search warrant requires probable cause to be shown and many of these techniques are things that you use in order to establish probable cause,” Weissmann says. “If you require probable cause for every technique, then you are making it very very hard for law enforcement.”

I am so glad I don’t have the kind of job that would be a lot easier if only we didn’t have a Bill of Rights.

Source: NPR: FBI Still Struggling With Supreme Court’s GPS Ruling

Not censorship

I am in no way calling for censorship. Rush is entitled to all the free speech he wants, but we—as women, as members of marginalized or oppressed groups, and as Americans—are equally entitled to use our free speech and all the tools of the democratic process to get him off the air.

Gloria Feldt, calling for the FCC to take Rush Limbaugh off the air.

I have an honest question here. How exactly would that not be censorship?

Unless I’m missing something, I think the most charitable way of reading this must be to ignore these two sentences entirely, take as read that Feldt knows she is calling for a kind of censorship, and then evaluate the case for censorship on the merits. But the case is ludicrous too. Banning offensive speech? We’re going to build our future on that cliff?

Necessity

New favorite sentence of Wikipedia: “Slaughtering and eating their horses, they melted down stirrups, spurs, horseshoes and other metal items, and fashioned a bellows from deerhide to make a fire hot enough to forge tools and nails.” From Álvar Núñez Cabeza de Vaca, easily among the most incredible true stories I have ever heard.

They had to make their own fun

Every other month, we make do without TV and computer games. The following unlikely thing occurred without any further prompting or help from any grownup. Evidence that our sinister parental plan might be working.

Courage now

A.

What is virtue?

Perhaps the question is wrong, but suppose you were to characterize the habits and behavior you wish everyone would cultivate. What would make your list?

There are many considered answers. For example, the ancient Greeks listed prudence, justice, fortitude, and temperance. Catholic catechism takes those and adds faith, hope, and love. The YMCA promotes caring, honesty, respect, and responsibility. A friend of mine once worked at a nonprofit (the one that runs the Hope and Healing Center in Memphis) that had its own list of virtues (one was gentleness, which gets a big thumbs-up from me). We got to talking about it and I remember asking if she thought fortitude was a virtue. She said no.

B.

You can read the transcript of “Petty Tyrant” here. Or you can listen to it online for free. It’s the story of Steve Raucci, a school district maintenance manager and small-time terrorist in Schenectady, NY. If you crossed him, Raucci would get you fired and brag about it to his buddies in the maintenance department. Or he would vandalize your home and your car with spray paint. He would put a bomb on your doorstep. It went on for years, eight years at least.

Finally a couple went to the district attorney. Raucci was convicted on 18 felony counts. He got 23 years in prison.

Why didn’t someone stop him sooner?

Everyone was afraid of him.

Carl Strock You’d like to think you’d be different. You’d like to think that I would have done something different if I had been in that position. I would’ve stood up. I would have been righteous. But you don’t know until you’re in the position. You can’t be sure.

Sarah Koenig Some of the people who worked for Steve Raucci also thought they’d be different. They were good people. They knew right from wrong. But they tell me, “You had to be in it to understand.” Ellen Frederick said it was almost like being in a cult, being brainwashed.

Hmm. Koenig doesn’t pursue the brainwashing angle; she changes the subject. When she comes back to this aspect of the thing a few minutes later, it’s like this:

Sarah Koenig … When you see pictures of Raucci from the trial sitting there quietly at the defendant’s table, it's hard to imagine that he caused this mayhem all by himself. But of course he didn’t. He was surrounded above and below by people who looked the other way.

Even Carl Strock, the newspaper columnist, told me regretfully that he too had gotten complaints about Steve Raucci from maintenance workers in the past, but didn’t really follow up. And it’s understandable why. Their stories seemed too small and bureaucratic, not something the rest of us would be interested in.

In other words, I see what you’re saying. And you’re not off the hook.

A.

From catechism:

Fortitude is the moral virtue that ensures firmness in difficulties and constancy in the pursuit of the good. It strengthens the resolve to resist temptations and to overcome obstacles in the moral life. The virtue of fortitude enables one to conquer fear, even fear of death, and to face trials and persecutions. It disposes one even to renounce and sacrifice his life in defense of a just cause.

It is possible for good ideas to go out of style. They don’t seem particularly useful in certain places at certain times.

When I consider the future, and what I’ll need for it, I think the time for courage is coming.

Why do we indent code?

Apparently one of the rules of Stack Overflow is that if enough people read and like a post, it gets deleted. Here is one of mine from two years ago. For a time, it was my top-voted answer.

Q: The firm where I work has programmers who still don't seem to understand the importance of indentation and write all the code aligned to left margin. What arguments can I put to convince them of the importance of indentation? —Phulore R, 16 Feb 2010

A: Clearly we’ve all internalized this so much that no one can remember why we do it. At least, none of the other answers so far. ;)

Why is indentation so useful? Because control flow jumps around in a program, and indentation helps you find where it's going. For example:

if (k == 0) {
if (!foo.hasKey(bar))
foo.put(bar, 1);
if (order.held())
order.release();
else
order.markUpdated();
}
Notifications n = order.getNotifications();
if (n != null)
n.sendUpdate();

On the first line, what if k isn't zero? Where do we jump to?

With indented code, you can just visually scan down to the next bit of code directly underneath the if:

if (k == 0) {
    if (!foo.hasKey(bar))
        foo.put(bar, 1);
    if (order.held())
        order.release();
    else
        order.markUpdated();
} //<---- here!
Notifications n = order.getNotifications();
if (n != null)
    n.sendUpdate();

Similarly, at the end of an if block, indentation helps you visually skip over the else block. And at the end of a loop, your eyes can easily zip back up to the top.

Once you're used to it, you can easily follow a break or continue.

Persuading people of anything is hit-or-miss no matter how right you are. :) It seems like it would be best to try to convince one person at a time, in a totally non-confrontational way, using respectful language and real-world examples.

I hope you can convince your colleagues to use indentation, but if not, remember they are human beings doing what works best for them. And remember they’re your teammates. Treat them humanely. Write code they can work with. If you like, spin yourself a little emacs mode that auto-indents the file when you open it and un-indents it when you save it. It’ll be fun, and you’ll have a story to tell. Life is too short to spend it bickering over stuff like this.