Tuesday, March 29, 2016

Even smart people sometimes don't know what they're talking about

Today I was browsing the web site of someone who is very respected in a certain field when I came upon a writing on a completely different subject that is blatantly and objectively incorrect. That didn't make the writer's other accomplishments any less interesting, it just made me realize that like all humans, the writer can be off-base/uninformed.

Therefore, just because somebody is famous or accomplished in one discipline does not mean that everything said by that person is correct (or even close). Listening to someone smart does not provide an opportunity to turn off critical thinking.

Monday, March 28, 2016

Apple vs. FBI is over: Did cryptography lose?

Nope, cryptography is doing just fine; cryptography wins.

The FBI announced that it successfully got into the terrorist's iPhone and read all the data - without Apple's help. There are two major theories about how that happened. I'm getting a lot of my information about this from Zdziarski's blog post, which I highly recommend reading.

  1. The FBI could have used a technique called NAND mirroring. That would allow them to copy the raw contents of the storage medium and rewrite it back every time it got erased by the controller. Such operations would be tricky with a high risk of physically destroying the data medium, but possible with sufficient funds and testing.
  2. There might have been a flaw in the security of the controller's software. Just like how desktop computer software sometimes has vulnerabilities that can be exploited remotely (i.e. without modifying anything on the disk) to take over the system, a certain sequence of input could have been discovered that allowed the FBI to have the controller do what they wanted.
Good encryption would have defended against both attack methods. The terrorist used an exceptionally weak password: a four-digit PIN, for which there are only ten thousand possibilities. For contrast, there are many trillions of possible alphanumeric eight-character passwords, and even those aren't very good. Microsoft BitLocker, a common disk encryption method for Windows computers, is secure even when attackers have the raw data. It holds up because there are so many possible keys.

If you use strong passwords to key strong encryption, you'll have strong security that's virtually unbreakable.

Sunday, March 20, 2016

Volunteering with WQPT

Yesterday, I volunteered at a WQPT event called Imagination Station, which is a day for young children to "meet" PBS Kids characters and engage in activities related to those shows.

My group was placed in the Cat room of the "Peg + Cat" show, which I have never seen and do not know anything about, beyond the fact that it involves a girl named Peg and her Cat. The three activities we managed were a pattern game, a maracas craft table, and a chicken toss game. I stayed with the chicken toss, which was not quite as popular as the maracas craft, but much more successful than the pattern game.

The chickens being tossed were fuzzy cotton-ish things, some of which were decorated with little features to look like chickens. The goal of the game was to toss those items into a row of eight plastic buckets on the floor. It was interesting to see the different strategies employed by different children: some went to the end of the row and threw into successive buckets, some stood back and threw into varying buckets (usually the one on the end labeled "8"), and some just walked up and dropped the chickens in. (That works.)

If I had a nickel for every time I said to a small child, "Do you want to try the chicken toss?", I would be in the top one percent. My job was to greet people, demonstrate the tossing, encourage the tossers, and pick up all the chickens. I'm not well-accustomed to dealing with kids, but there was a minimum of problematic behavior. I had a fine time, and hopefully my involvement made a little difference.

Sunday, March 13, 2016

Sometimes people just don't know what they're talking about

There was recently something of a debacle on Stack Overflow in which one user included an exceptionally dangerous line of code in answer as an example of code that should never be run. Specifically, running the short program in the answer would result in the complete erasure of all writable files on the computer. Fortunately, the bad code was not obfuscated in any way, the section that included it was clearly marked as terrible, the question was not applicable to novice users, and the bad part was neutralized within minutes by a high-rep user. (The previous link was to the original revision, which hasn't been live for a while.) The person who posted the code apologized, and as far as I can tell, never intended to hurt anybody.

Nevertheless, a link to the situation with an editorialized title was posted on the programming section of Reddit, a forum-ish place whose users seem to think pretty highly of themselves. That post wasn't super special; people try to make sensational stories all the time. No, the appalling part came when people started talking about the debacle with zero understanding of Stack Overflow or what actually happened.

Commenters there evidently didn't read the meta post, didn't consider the fact that no newbie would be copy/pasting that answer (because of the toughness of the question), and assumed malice from the start. Accusations of psychopathy got thrown around, and there were calls for that user to be banned. Nobody seemed to understand how Stack Overflow works or what its moderation process is. Comments accusing the original poster of being unrepentant got lots of upvotes, while explanations of what actually went on were not so acknowledged.

The lesson to learn here is that people who come sailing in with passionate condemnations might have absolutely no idea what they're talking about.

Wednesday, March 9, 2016

Sopes de cecina

A Spanish class assignment has me creating a video of myself talking in Spanish while cooking something from a Spanish-speaking country. The trick is that I'd never cooked anything remotely challenging before. I picked (essentially at random) sopes de cecina. I could find neither sopes nor cecina, so I did some substitution - tortillas and pork, respectively.

The cooking part actually went pretty well; it was the camera management that was troublesome - the tripod I used couldn't rotate up and down, only right and left. Nevertheless, I got some decent shots of cutting the pork, salting it, frying it in a pan, and of building the final product. The food, surprisingly, turned out quite well despite the untested substitutions.

I now know one actual recipe.