Wednesday, March 29, 2006

Adventures in travel...

I'm not fond of flying. I do it a lot, but that doesn't stop me from wondering each time I get into an airplane if this will be the time I win the game of Russian roulette. Of course, the odds of winning at Russian roulette are much better - indeed, the odds of getting killed in a car are much better. But the feeling of being out of control makes it different - someone else is in charge of your destiny for the time that you're up in the air.

Anyway, I discovered an interesting factoid about my own personal fear of flying: I feel much more secure when flying in bad weather than in good weather. Yesterday, our flight was delayed out of Austin, but we finally got on the airplane and were cleared for takeoff, and actually on the runway, when a light came on and the pilot diverted us to a parking area to check it out. After a little while we taxied back to the gate. Mechanics boarded the plane. The pilot said there was a problem with the pitot tube heater, and they might be able to fix it. There was a loud bang above our heads at one point - the sound of someone whacking the metal pretty hard, probably to put the equipment back together or something. Finally we were told "sorry, guys, we're canceling the flight - go get rebooked." Big relief - I would rather that they did a careful repair than a rushed repair.

So we spent last night in the Austin Airport Hilton. A pretty nice place, although the windows are remarkably narrow. The restaurant is good there, but watch out for the linguini alfredo - they add wine to the roux instead of cheese for flavor, which, if you want to avoid wine, is a problem.

This morning, we were back in a plane, on the runway, taxiing for takeoff, when the pilot came on and told us we were going to have to park for a while and wait for some thunderstorms to pass. So fine, we wait for about forty-five minutes. There's some dramatic weather. Finally we're cleared for takeoff, and we do take off, at a very steep rate of ascent (because if there's turbulence, higher is better, I guess). There was some turbulence, but nothing special. What was interesting were the occasional flashes, like flashbulbs going off. Apparently we were flying into some interesting territory.

The best part was that about ten minutes into the flight, I was looking out at the storm (having a pretty good time, by the way - I really didn't feel like we were in danger) and saw a lightning strike directly below us - a beautiful spiderweb of lightning, and the thunderclap came almost instantly. The woman in the seat behind me closed her windows, and Andrea looked a little worried. I was a little taken aback, but there wasn't any St. Elmo's fire on the wings, so I felt like we were okay (and realistically, we really were okay - modern airplanes can handle lightning a lot better than the ones you see in old movies). We were never in any severe turbulence - I've had more exciting turbulence experiences when there was no storm in sight.

Sure enough, a few minutes later we emerged from the back of what looked like an anvil cloud, into a beautiful scene of cumulus cloud tops. The weather got progressively better, and by the time we landed in Dallas about 30 minutes later, the plane was mostly dry.

The next flight, we had a little clear air turbulence at 30k feet, where it's really not a problem, and my palms were sweaty. Go figure. Landing in Tucson was uneventful. It was only 22 hours after we left Andrea's parents' condo in Austin. The apricot tree is covered with new leaves, and the redbud is too. Andrea planted some tomatoes today. Nothing really major to report...

Tuesday, March 28, 2006

Movie recommendation...

There are a lot of mistakes you can make in a movie. Lame plot. Too much plot. Not respecting the intelligence of the audience. Having nothing to say. Bad acting. Gratuitous scenes. Bad music. Bad camerawork. Wasting screen time explaining things the audience can accept without explanation. You name it. Sometimes I'm amazed at how many movies get made that are actually worth watching.

Even if the director, the screenwriter, the actors and all the others who conspire to create a movie don't make any of these mistakes, or dozens of others that someone who actually knows something about making movies could probably recite, but that I'm not aware of, you may not get a great movie. But sometimes you do.

A great movie doesn't appeal to every viewer. Some people won't understand it, because the director overestimated them. Some people will be offended by it, because it says something meaningful, and whenever you say something meaningful people get offended. Some people will see only the surface, and miss the depths that the director tried to communicate, and so will see the movie as superficial when it is not.

V for Vendetta is a great movie. I doubt it'll win any Oscars (although I hope it does). But it is truly a great movie. If you haven't seen it, I recommend that you do so. I can't say what about the movie is great, and I can't promise that you'll like it. So many things about it worked, and (at least to me) they didn't make any serious slipups. Ted-bob sez check it out.

Saturday, March 25, 2006

Why not be a Billionaire?

I'm writing this as a sort of response to something that Will Shetterly wrote on his blog recently. I won't paraphrase his article - if you want to see what this is in response to, I encourage you to read his blog, which is very much worth reading, despite the fact that I don't entirely agree with what he said in this particular case. Or rather, I don't think it's a useful answer.

One motivation for becoming a billionaire would be the theory that "I can do better for the world with the billions I earn than the world would do with those same billions, left to its own devices. So I will earn this money as best I can, and use it to make the world a better place." I'm not asserting that this is a correct reason to try to be a billionaire, but it's as good a reason as any, and it's one that at least some wealthy people seem to live by.

For whatever reason, I know quite a few wealthy and formerly-wealthy people. I know people who have spent themselves into the poor house helping others. I know people who have been wealthy and lost their wealth through bad investments. And I've exchanged email with people who have stolen more than I have earned in my life, and are still poor.

My experience thus far confirms the truism that the rich are just like everyone else, only they have more money. Yes, things do tend to go better for them, because one of the things they can afford is better lawyers. But I haven't seen a lot of evidence to suggest that as a class, they are less generous than poor people, or that as a class, they are more generous, or that they are more honest, or less honest.

I think looking at them enjoying their wealth and saying "they are being selfish" is, if perhaps somewhat true, still not very productive. The problem of a person who is living in poverty is not that there are people who are living well. It is that they are living in poverty. If we want to help them, we could take wealth from the rich, and give it to the poor, or we could try to create more prosperity, without taking anything from anyone.

We are already part of the way to doing that. There are tragically poor people in the United States, but there are fewer than there were at any previous point in history, if you discount the period of unprecedented prosperity in the United States in the latter half of the 20th century. If you look at just that little slice, then you can definitely see a downturn in the past thirty years, and that's a shame. But the point is that we really are wealthier as a nation than we were at the start of the 20th century, and even the poor people in this country really do benefit from that.

There are tragically poor people in the world, and there are more of them than ever in history, but even there the standard of living in many "overpopulated" countries has risen, and continues to rise - e.g., India and China. The way China has increased the welfare of its people is not always pretty, and the increase is no more uniform than it has been in the United States. But it's an increase that has potential - I recently read a fairly credible prediction that the standard of living in China would be the same as in the U.S. in about twenty-five years, which is extraordinary considering how China started the previous century.

When you hear about people starving in the streets, or worse, see them, the need to solve their problems now is overwhelming. And it's true that if all the wealth in the world were distributed evenly, then at least for a moment the problem would be solved.

But therein lies the problem: the reason people in the world are poor, and others are rich, is not that there isn't enough wealth to go around, and it's not that there aren't well-intentioned people in the world, who would give the shirt off their back to help another person. It is that there is a systemic problem in the world that prevents an even distribution of wealth from persisting, and that allows wealth to form pockets, and poverty to form pockets.

It's not a conspiracy of people. Yes, there are people who conspire to retain their wealth. There are criminals who take wealth from those who have earned it. But the evil that lies in the hearts of people and encourages them to allow this situation to continue lies at the hearts of just as many poor people as rich ones.

To really change the world, it doesn't do to overthrow the existing regime, whatever it happens to be. That's been tried, to no avail. The trick is to render the regime obsolete. To make the world a better place by becoming better people. And the only agency of change that can transform a person who is less able to be part of a utopia into one who is more able is for that person to be the agent of their own change.

If this seems hopeless, in a sense it is. You can't feed the poor that you see by trying this method of changing the world. The poor that you feed with this method haven't been born yet. You don't get the immediate satisfaction of seeing a happier world. You just have to have faith that you are working to destroy the system that makes the world what it is.

I have a friend who's spending his surplus from a fairly fortunate couple of years to become someone who understands biochemistry to the point where he can work on developing machines that can fix the human body; ultimately, to destroy aging, and to destroy poor health. He isn't demanding that anyone else do it. He's taken personal responsibility for creating a world where there is no word for "sick."

I don't know whether he'll succeed or not, but that's what I'm talking about. You could call what he's doing an outward activity, and it is, but the thing that makes it possible is the motivation he has in his mind. And if the future holds any kind of genuine utopia, it is people who have the same motivation in their minds who will ultimately create it.

Thursday, March 23, 2006

Problems found and solved...

One of the big advantages of open source software is that a lot of people use it, and a lot of people ask for help with it, and their questions wind up getting cached somewhere public, and Google exists. So if you have a problem, chances are that if you can write the right Google query, you can find the solution.

One of the challenges in getting things to work securely is that most people aren't very security conscious. This includes most geeks. So the reason that, for example, a bunch of banks are now reissuing hundreds of thousands of debit cards is that somebody wrote a point-of-sale terminal software package that stores debit card information on the local computer system. Someone's writing software that's being trusted with people's debit card information - their card number and their PIN, which together provide enough information to make and use a fake copy of the card. And they stash this information on disk, and never erase it. And then some time later, someone pops a USB drive into the USB port of the relevant computer, copies the files off onto the USB drive, walks away with tens or hundreds of thousands of bank accounts, and starts making cards and withdrawing cash from them.

This is every geek's worst nightmare. In fact, the people who wrote this software probably were conscious of security - they just forgot that the database engine they were using was written by people who didn't know that the people writing the point-of-sale software were going to temporarily store sensitive information in it. I'd like to say that I'll never make a mistake like this, but once when I was working in a very security-sensitive situation, I did make a mistake like this. The good news is that a co-worker noticed it before anything bad happened.

So anyway, I'm really paranoid about this sort of thing now. So today I'm working on getting an email server to talk to another email server. The second email server requires a username and password before it will accept mail from the first server. What it doesn't require is that you make any effort to keep the username and password confidential.

When you send data over the internet, it's like writing it on a postcard and sending the postcard. You wouldn't write your credit card number on a postcard and mail it - you'd put the information in an envelope, at the very least. So I've been trying to get my mail server to use an envelope. And I figured out how to configure it to do that, but it wasn't working. The metaphor breaks down here - the envelope is actually a clever algorithm that uses some fancy math to hide what's being sent; in order for it to work, both ends of the conversation have to have some pre-agreed-upon information that they use to make the math work. And my mail server couldn't find that information. So I was getting this error in my error log (I'm putting this here so if someone googles for it they'll see this message):

blah blah postfix blah: SSL3 alert write:fatal:unknown CA

CA stands for Certification Authority, which is an actual company that specializes in certifying the little bits of math in servers in a way that allows this envelope-making algorithm to work. The idea is that the CA is your friend, whom you trust. You know your friend's signature. So if your friend signs the certificate of a person you don't know, then you can trust that your friend checked this person out, and vouches for him. Very much like a letter of credit in Victorian times, only it's being done for machines.

Anyway, I spent an hour reading documentation and fiddling with parameters, and finally thought to google for the error message above. Five minutes later, I had it working. The fix? This is going to require another tortured metaphor. Imagine that your computer is a mountain. And you want to provide service on the network from your mountain. So if someone can get to the top of the mountain, they can see anything on the mountain, and if you make a mistake in how you set things up, they can modify anything on the mountain. You don't want that.

So you have a cliff on your mountain, and there's a ledge several hundred feet down, with nothing but air and cliff for another several hundred feet below it and to either side. And on that ledge you put the stuff you want people to be able to access. You can look at it and change it, because you're sitting at the top of the mountain. And you have a little agent sitting on the ledge. The agent can only see and touch what's on the ledge - you've isolated the agent from the rest of the mountain. So let's say some miscreant out on the internet figures out a way to get control of your agent, sitting there on the ledge. Well, they haven't gained much, have they? Maybe they can get the agent to chuck something over the ledge, or scribble on the cliffside where people can see it, but the agent can't get off that ledge, so anything not on the ledge is safe from the suborned agent.

That's what the mail server software I'm using, postfix, does. It just sits there on the ledge doing its thing, and if someone hacks it, they have control of the ledge. Big whoop. The trouble is, the certificates it needed to make the envelope weren't on the ledge - they were somewhere way up the mountain where it couldn't reach them. So when it tried to verify the other end of the connection, it couldn't, because it couldn't find the certificate that would validate the math that let the envelope be constructed.

The fix: make a copy of all the certificates and stash them on the ledge where postfix can get at them. By the way, this system of putting stuff on ledges is called chroot - change root. Effectively, you're saying "okay, for this guy, the top of the mountain is his ledge, and that's all he can see."

In specific terms, on Ubuntu Linux, I copied the contents of /etc/ssl/certs into /var/spool/postfix/etc/ssl/certs, like this:

% cd /var/spool/postfix
% (cd /; tar cfh - etc/ssl/certs) |tar xvf -

And I hacked /etc/postfix/main.cf to add the following:

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_auth_enable = yes
smtp_enforce_tls = yes
smtp_tls_enforce_peername = yes
smtp_sasl_security_options =
#smtp_tls_loglevel = 2
smtp_tls_CApath = /etc/ssl/certs

This says "look in the hash /etc/postfix/sasl_passwd for the password to use to authenticate with the other mail server." And then "try to authenticate when connecting to other servers to deliver mail." And "when connecting, require that the connection be secured with SSL" (SSL is the envelope - it's what protects every transaction you make over the web with your credit card, or at least you'd better hope so). And then "make sure the guy I'm talking to has a certificate that proves he's who he claims to be." It turns out you don't need to set any sasl security options. The loglevel hack enables logging of SSL problems, which was helpful in that it led me down several entertaining blind alleys. And finally, you need the CApath to tell postfix where to look for those trusted certificates. CApath is relative to the chroot - the ledge. So the certs are really in /var/spool/postfix/etc/ssl/certs, but as far as the postfix smtp daemon is concerned, they're in /etc/ssl/certs, so everybody is happy.
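
The copy on the ledge is a snapshot: when the OS later adds or removes a CA, the chrooted smtp daemon keeps trusting whatever was copied, and a copy made without tar's h flag leaves symlinks that point back up the mountain. The script below is an added example, not part of the original setup; it audits the chroot copy against the system store, with defaults taken from the paths above and the function name ca_drift invented for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the CA directory copied
# into the Postfix chroot against the system CA directory.

# Defaults are the paths used in the post; override via the environment.
SYS_CERTS=${SYS_CERTS:-/etc/ssl/certs}
CHROOT=${CHROOT:-/var/spool/postfix}
CAPATH=${CAPATH:-/etc/ssl/certs}   # smtp_tls_CApath, as seen from inside the chroot

# ca_drift SYS_DIR CHROOT_DIR CAPATH   (hypothetical helper name)
# Prints one line per problem and returns 1 if any were found:
#   STALE name        only in the chroot copy (e.g. a CA the OS has since removed)
#   UNREACHABLE name  symlink with an absolute target that does not exist under
#                     the chroot, so the chrooted daemon cannot follow it
#   CHANGED name      in both places, but the contents differ
#   MISSING name      in the system store but not in the chroot copy
ca_drift() {
    sys=$1; jail=$2; copy=$2$3; found=0

    # Pass 1: walk the chroot copy.
    for f in "$copy"/*; do
        [ -e "$f" ] || [ -L "$f" ] || continue   # empty dir: glob stays literal
        name=${f##*/}
        if [ -L "$f" ]; then
            target=$(readlink "$f")
            case $target in
                /*) # absolute targets are resolved from the chroot's root
                    if [ ! -e "$jail$target" ]; then
                        echo "UNREACHABLE $name"; found=1; continue
                    fi ;;
            esac
        fi
        if [ ! -e "$sys/$name" ]; then
            echo "STALE $name"; found=1
        fi
    done

    # Pass 2: walk the system store.
    for f in "$sys"/*; do
        [ -e "$f" ] || continue
        name=${f##*/}
        if [ ! -e "$copy/$name" ] && [ ! -L "$copy/$name" ]; then
            echo "MISSING $name"; found=1
        elif [ ! -L "$copy/$name" ] && ! cmp -s "$f" "$copy/$name"; then
            # symlinks in the copy were already judged in pass 1
            echo "CHANGED $name"; found=1
        fi
    done
    return $found
}

# Run against the real paths only when the chroot copy exists on this host.
if [ -d "$CHROOT$CAPATH" ]; then
    ca_drift "$SYS_CERTS" "$CHROOT" "$CAPATH" ||
        echo "chroot CA copy differs from the system store" >&2
fi
```

Any output means the tar copy above should be repeated, after removing STALE entries by hand.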

Anyway, if you've made it down to here, you're probably hoping for another tortured metaphor, but I don't have one for you. Sorry.

In other news, if you want to get a Samsung t809 to sync to your Prius, you need to do two things. First, you need to get it to pair with the Prius. Then you need to go to the Bluetooth security menu on your phone and make the Prius a trusted device. Then it will peer automatically every time you get into the car. Otherwise, it will only peer that first time, and then every other time the peering will fail. Funny how nobody ever actually writes down the detailed steps of this process anywhere obvious. That's the problem with getting two devices made by two different companies to talk to each other, when one of the companies has a marketing arrangement with cell phone providers other than the one you use. Not that I am bitter. Oh no.

Oh, BTW, we don't have a Prius. But Andrea's father-in-law is a very generous man, and has allowed us to use his this week.

Monday, March 20, 2006

Pessimism...

Question: is the availability of energy-efficient cars like the Toyota Prius a good thing, or a bad thing? It seems as if the answer should be pretty clear cut, right? The Prius gets 60mpg on the highway, 49 in the city, if I remember correctly. My father-in-law's Prius is sitting at 49.9 mpg right now, with mostly city driving. That's a damned sight better than most cars - our Honda Civic, which would once have been considered quite energy-efficient, gets ~34mpg on the highway, ~29 in the city.

So when we replace our Civic, we're probably going to buy a Prius, or something like it. We don't intend to replace our Civic until it's no fun for us to own it anymore, so we'll probably have used up most of its useful life. And unfortunately, much as we might wish otherwise, not replacing the Civic when it wears out is not an option. We have a need to be able to drive from time to time.

So it's a good trade, right? Instead of buying another Civic, which gets 34mpg, we'll buy a Prius, which gets 60mpg. Our energy footprint (at least for driving) is nearly cut in half. Well, you'd think this was a good thing, but there's a school of thought that says it's not.

The way the reasoning goes is that the reason that car manufacturers sell cars with high mileage is so that they can bring their corporate average fuel economy (CAFE) down. For every high-mileage car they sell, so the reasoning goes, they can sell a really low-mileage car to compensate. Or they can sell two medium-low-mileage cars. So when I buy a Prius, thinking I'm saving energy, what's really happening is that I'm trading my energy savings against someone else's gluttony, for a net energy savings of zero.

This is a reasonable argument, and I can't really fault the people who make it, but it's essentially a pessimistic argument. The argument is generally presented as an argument in favor of raising CAFE standards. I'm all in favor of that. But the political climate doesn't seem to be there this year.

Anyway, let's do a little reductio ad absurdum. First of all, if it's true that I can't win by buying a more energy efficient car, I might as well buy a Hummer. It makes no difference, ultimately, right? Well, duh, of course it makes a difference: to me. I spend less money on gas. I consume less energy. If the averages don't work out, that's a shame, but it's still good for me, personally, to buy a Prius, because it benefits me, and it certainly does less harm than I would do if I bought a Hummer.

But there's another side to it. CAFE standards assume that there's no economic incentive to conserve energy. And that there's no societal incentive to appear not to be a complete glutton. But neither of these things is true. Even down here in Texas, the local paper has an article about how people who drive Hummers are increasingly being harassed, and also that driving a Hummer, which was a very desirable thing three years ago, is now a clear marker of a person who is not part of the in crowd. And there's the $300/month spent on gas (which seems low, honestly), and the pain-in-the-neck factor. Apparently it's getting hard to sell gas guzzlers, for some reason. Reminds me of the seventies.

So in fact an optimist would hope that even though he or she bought a Prius, there might not be a buyer for the Hummer that would offset its better mileage. Even if not everybody buys a vehicle that's as efficient as the Prius, it might be the case that buying a Prius is good simply because the market is now demanding more efficient cars. It's a shame that some of the new hybrids that are coming out don't get the kind of mileage the Prius gets, but it's still a happy shift to see a Sport Utility Vehicle that gets mileage comparable to what our Civic gets.

I don't want to force a moral to this story down your throat. There are a lot of scary things happening in the world today, and global energy consumption and carbon pollution is one of the big scary things. It may be that the pessimistic view is right. But in fact, I think it's not.

So does that mean that if you want to save the world, you should buy a Prius? No. Being a consumer can't save the world. But to the extent that we are all stuck being consumers, we can at least consume less stupidly than we have been. And that is not impossible.

Friday, March 03, 2006

A quick technical note...

I googled like crazy for the answer to this question yesterday and didn't find it, so I'm blogging the answer now that I know it. I'm trying to use the new version of amarok, which is a KDE-based music player for Linux. It has a bug, which I hoped to fix, but haven't been able to fix. In the process of trying to build a version that I could debug, I managed to leave some tracks on my filesystem which prevented the official version from running.

The symptoms were that whenever I tried to run the official version of amarok, I'd get an error from kbuildsycoca:

kio (KSycoca): ERROR: No database available!

There are probably lots of reasons why this can happen. None of the ones I found in my web search were it, though. It turns out that I'd accidentally left some amarok configuration files in /usr/local from my debug build of amarok, and these were overshadowing the official versions of the files. So the way I got this error message to go away was to search /usr/local for every file whose name contained the string "amarok" and delete all of them.

If you are a neophyte and don't habitually install from source, this solution will definitely not work for you, because you did not commit the sin that I did, so the cure for your woes is not the one that worked for me. Only use this solution if you really seriously know what you're doing. If you use this solution and amarok starts really not working for you, uninstall and reinstall it - you probably polluted your installation.

This isn't as bad as a Windows registry problem, but it was pretty ugly - it took me an hour or more to figure out. Error messages, people. Error messages are important. Not that I am bitter...