Russell's Blog

New. Improved. Stays crunchy in milk.

Sadam

Posted by Russell on December 29, 2006 at 10:25 p.m.
The news says that Saddam will be hanged pretty much any minute now. I'm opposed to the death penalty on principle, but I think that there are extraordinary cases where it may be justified. Genocidal leaders are one of the few categories of humans who I think should face the death penalty.

However, I think it is a huge mistake to execute Saddam, especially now. Once deposed, genocidal leaders can serve humanity in the critically important function of providing a focal point for the investigation and historical elucidation of genocide and conflict. Saddam is much more valuable to Iraqis alive than dead.

Furthermore, the country is still occupied by a foreign army (ours), the courts are neither trustworthy nor independent, and a sectarian civil war is still raging. Clearly he is guilty of the crimes for which he has been sentenced, and if any crime is bad enough to merit execution, his certainly do. Nevertheless, I hope his execution is postponed. He has a lot to answer for, and he should be made to answer for it in a working court system.

I am a spaz

Posted by Russell on December 26, 2006 at 2:21 a.m.
I bought Mimi a new laptop for her birthday. I suppose it's also for Christmas/Hanuka, since they are close to her birthday and I didn't have much money left over. I bought her a cute little coffee maker thingy for $WINTER_HOLIDAY, but it's sort of a weak gift. The laptop is a white MacBook.

As anyone who has purchased a Core Duo MacBook recently knows, there are hundreds of megs of updates to install, including at least two firmware updates. I successfully applied the EFI update, but after many monotonous hours of updating, I failed to notice that the instructions for the SMC firmware update are different. The EFI update requires you to shut down the machine, and then hold down the power button until it beeps a couple of times. The SMC update just reboots the machine and runs automatically. Recalling the instructions for the EFI update, I clicked the pulsing blue button, waited for the machine to go dark, and then reached for the power button. Naturally, I pressed it just in time to shut down the machine as the update was starting. Update fails, firmware breaks. Whoops.

The annoying thing is that although the machine still boots (it can't find the battery or control the fans), there is no clear way to recover. The firmware restoration CD on apple.com doesn't work. The restoration CD seems to be intended to fix a worse problem (i.e. -- no booting at all). If Apple is going to automatically push firmware updates to users that can potentially brick their machines, they should have a universal firmware-fixing CD. I would be perfectly happy if it reinstalled the factory firmware, and I had to re-apply all the updates.

As it is, the best I can do is bring it back to the store. Fortunately, I have to do that anyway to buy Office and more RAM.

RIP: Flickr sidebar

Posted by Russell on December 21, 2006 at 7:11 p.m.
For some reason, the Flickr sidebar for Typo is causing Rails errors. It has been removed.

Thank you for your patience.

Finally, a use for my graphics card

Posted by Russell on December 19, 2006 at 1:27 a.m.
When I bought my graphics card, I was motivated by the mistaken belief that I would have time to play video games. "Fantasy" doesn't even begin to describe it; "delusion" would probably be more accurate. Since then, I have been thoroughly disabused of my delusions of free time.

So, I have an aging but very nice Radeon 9200 card in my workstation machine. Something like 95% of the circuitry on a modern graphics card is dedicated to 3D graphics, where on my computer, it has been doing absolutely nothing. That is, until Pete introduced me to the Beryl Project. Wobbly windows! Rotating desktop cubes! Real-time alpha blending! Crazy window transformations!

I guess I'll never have time to play games. I don't feel so sad about that anymore; I can have almost as much fun watching my terminal windows undulate across my desktop like drunken sea creatures.

Back to work

Posted by Russell on December 16, 2006 at 5:19 a.m.
Now that finals are over, I can get back to my research for a while. The last issue that needs to be settled before I can submit my paper for publication is the matter of The Ripples.

The ripples are an artifact of a numerical trick I had to use to make the computation run quickly when the plasma beta is near 100%. I had to interpolate one of the intermediate steps, rather than calculating the exact result every time. The ripples go away when I switch off the interpolation step -- it's just prohibitively slow.

So, this is the last hurdle. Then I can publish. Woo hoo!

221A Done

Posted by Russell on December 14, 2006 at 6:48 p.m.
I just finished the Quantum exam, and I feel awful. The exam questions bore only rudimentary resemblance to problems we did in the homework or in class. They also bore little resemblance to the material on which the TA and the professor suggested that we focus.

I suppose it would have been just fine if this were the tenth time I'd done this class, which is probably why it seemed reasonable to the professor. As it is, I just have to hope that the rest of the class is about as miffed as me, and hope that my 94% homework average will keep me above the cutoff for an A.

Gee, thanks UCLA

Posted by Russell on December 12, 2006 at 3:42 p.m.
The LA Times is reporting that a database containing personal records of 800,000 UCLA students, staff and faculty was breached. Not only was it hacked, but it took them a year to notice.
UCLA officials said the attack on a central campus database exposed records containing the names, Social Security numbers and birth dates -- the key elements of identity theft -- for at least some of those affected. The attempts to break into the database began in October 2005 and ended Nov. 21, when the suspicious activity was detected and blocked, the officials said.
This is a somewhat ambiguous way of phrasing it. If "Nov. 21" is meant to be November 2006, then it took UCLA a more than a year to notice what was happening. If it was November 2005, then it took them more than a year to fess up. Either way, it's disastrously incompetent.

As it often does, the LA Times takes the most stupid possible position on the problem. Instead of criticizing UCLA for its incompetence, they conclude that it is the "openness" of universities that lead to these breaches.

The UCLA incident is the latest in a series of computer security breaches affecting private organizations, financial institutions, government agencies and other large employers. Partly because of their tradition of openness, universities are proving to be a favorite -- and often vulnerable -- target, several experts in the field said Monday.

"Universities tend to have a lot of information floating around in a lot of different places," said Jay Foley, executive director of the Identity Theft Resource Center, a San Diego-based nonprofit. "They are places we send our children to share ideas, and it's hard to mix the open sharing of ideas with the need to tighten down on security."

This is so stupid it makes me see red. There is no conflict between "the open sharing of ideas" and protecting people's social security numbers. The LA Times is pushing the narrative that technological progress is incompatible with privacy and free speech.

No, dipshits. Incompetent database management is incompatible with privacy, and "the open sharing of ideas" has nothing to do with it.

The most infuriating thing about these breaches is that, for the most part, universities and companies have no use for this data. The data they do need is ineptly and haphazardly scattered around the organization in dozens or hundreds of semi-formal databases, usually replicated inaccurately and incompletely by hand on an ad-hoc basis. It usually isn't the database that is actually important to the institution that gets hacked; it's one of the little ones that was set up to solve some side problem in an organizational backwater. Once those databases are created, they always grow; institutional instinct is to always collect more information, and to keep it as long as possible. It is the marriage of proliferating, non-critical and ineptly administered databases of sensitive information with institutional instincts about record keeping is destroying our privacy.

The solution, I think, is more, not less "openness." Stop asking people to register, sign in, or create an account in order to do trivial things. I understand the need to associate people's social security number with, for example, their payroll information, or their grade transcripts. Hire professionals to build, administer and protect those databases, and they can be as safe or safer than paper records. I do not understand the need to place this information in databases used control access to the gym, library, parking garages, et cetera. Anonymity and physical security are the solutions to these privacy threats. It might cost more to let the general public access those facilities, but I think that is a small price to pay for limiting the number of targets for would-be identity thieves.

Update:

It looks like I am among the 800,000 :

...

I regret having to inform you that your name is in the database. While we are uncertain whether your personal information was actually obtained, we know that the hacker sought and retrieved some Social Security numbers. Therefore, I want to bring this situation to your attention and urge you to take actions to minimize your potential risk of identity theft. I emphasize that we have no evidence that personal information has been misused.

...

I guess I should be glad that I live in California, where they are at least required to tell me when this shit happens.

After the 100 Hour Plan

Posted by Russell on December 10, 2006 at 6:55 p.m.
My dad and I have been talking about the 2008 campaign and various platforms for Democrats could use. We've come up with a platform for the next two years, encompassing the coming sessions of Congress and the 2008 elections.

There is a lot of stuff on this list, but each item is achievable with decisive action. Some of it could be accomplished starting in January, other things would have to wait for a Democratic White House. The idea is that for next two years (including the 2008 campaign), Democrats should pick an agenda and stick with it. Achieve as much as possible with control of Congress, and highlight those achievements in the election as proof that they can Get Things Done. Then, the message in 2008 can be "Let's Finish the Job."

  • Return to the time-tested principles of American government
    • Rebuke the loan industry, especially college loans
    • Auditing reform across all government programs
    • End illegal wiretapping
    • End support for torture and extraordinary rendition
    • Junk Bush's illegal practice of issuing signing statements
    • Scrap the Military Commissions Act
    • Correct organizational blunders (extract FEMA, the Coast Guard, the TSA and the Customs Agency from DHS)
    • Try bin Laden and Guantanamo suspects in civilian courts
  • Return to the time-tested principles of fair taxation
    • Sunset tax cuts for the rich
    • Fix the alternative minimum tax
    • End subsidies to prospering industries (oil in particular)
    • Rebuild the enforcement mechanisms for industry (the SEC, FCC, FTC, EPA...)
    • Balance the budget
  • Return to the time-tested principles of environmental stewardship
    • Reinstate environmental protections
    • Greater funding for conservation and alternative energy
  • Return to the time-tested principles of world leadership
    • Out of Iraq ASAP
    • Seek greater international consensus in foreign policy
    • Officially re-ratify the Geneva Conventions
    • Reduce China's influence over the value of the Dollar
    • Force Israel to make peace with the Palestinians
    • Catch Osama bin Laden
    • Immigration reform, provide a pathway to citizenship
    • Replace or augment NAFTA with an Immigration and Development treaty; if the Mexican economy and currency are stronger, immigration will fall
  • Return to the time-tested principles of innovation and entrepreneurship
    • Modest globalization protections for American workers
    • Simple, minimally invasive universal health care
    • Urban redevelopment, especially in transportation and education
    • Agricultural reform; protect small farms and reverse the trend toward factory farms
    • Increase funding for science and technology
    • Replace large, under-preforming science projects (the Shuttle, ISS...) with less expensive, more promising alternatives
Most of the stuff on this list has no ideological color. Democrats should emphasize as much as possible that resuscitating the existing apparatus of government is neither liberal nor conservative. Democrats should talk about the new things they want to do (universal health care), but they should always preface these discussions by pointing out that the repair work takes precedence.

Playing with MayaVi2

Posted by Russell on December 06, 2006 at 9:20 p.m.
I've been looking for a good 3D plotting tool that can, in some way, be coaxed into a healthy relationship with python. Actually, I'd settle for anything, really. All I really want is the ability to easily embed points and surfaces into a volume, and then be able to apply some basic manipulations (rotation, translation and zoom). What I'd really like is to have an interface that would work something like this :
import scipy
import plot3d
plotter = plot3d()

plot = plotter( title="I'm a plot!" )
plot.point( 1.0, -0.5, 1.25 )
plot.point( 0.25, -1.5, -1.25 )

def f( x, y ) :
    return scipy.sin(x) + scipy.sin(y)

xx = arange( -1.0, 1.0, 0.01 )
yy = arange( -1.0, 1.0, 0.01 )

plot.func( xx, yy, f )

plot.show()

plot.save( filetype='png', 'image.png' )

The output doesn't have to be accelerated, although that would be nice. The important thing is producing tolerably good images. Well, the closest thing that I can find is MayaVi2. I would include a link to it, but the site (sites?) is/are confusing enough that I can't even guess where to point the link. You will do no worse than me with a Google search. Clearly, something interesting is going on, but it's not altogether clear what.

Anyway, by checking out a staggeringly large amount of code and following the relatively simple build instructions, here is what the output looks like :

Evidently, the thing I actually want is called mlab, which sort of emulates the 3D plotting available in MatLab. The idea is rather like the pylab API of the fantastic matplotlib package, but for 3D. The rest of the code appears to be some kind of huge visualization framework, like OpenDX rebuilt in wxPython with similar intentions and a completely different design.

There are some rendering bugs that are probably the fault of my graphics driver, and the visualization system itself is bewildering and semi-working. The mlab module only seems to work correctly when called from the python console embedded in the MayaVi2 GUI, and even then segfaults when certain other modules are loaded (e.g., matplotlib). Also, the snapshot feature is completely broken, and will either crash or write a file full of garbage (the image above is screen capture via X.org). Maybe I will appreciate it more when it works a little better, but for the moment, I would be happy if someone kidnapped mlab and moved it into the matplotlib family of tools.

I will have to play with this some more. It has a lot of promise if I can get around some of the bugs.

Draft Al Gore

Posted by Russell on December 05, 2006 at 5:23 a.m.
Dear Mr. Gore,

Even if you don't run, we can still draft you. Please don't take offense.

Thank you.

Al Gore in GQ :

So if you decide to run, do you think we would see the Al Gore from the movie? Or the Al Gore from 2000?
Well, I don’t plan to run. I don’t plan to run. And I don’t expect to run.

How many times a day does somebody ask you this?
Well, I’m doing a lot of interviews and it’s on the list of questions. For every one of them. And I appreciate that. I appreciate that people think enough of me still in that world to ask that question. It’s true that I haven’t, uh, gotten to the point where I am willing to completely rule it out for all time. But, that is really more a matter of the internal shifting of gears. I’m not making plans to run again.

But you’re not ruling it out?
Uh… no. [smiles]

Dear everyone else,

To help draft Mr. Gore, you can donate to his campaign (whether he wants one or not) at his Act Blue Presidential Draft page. Your donations will go to the DNC if Mr. Gore doesn't enter the race by the national convention.

New Car!

Posted by Russell on December 02, 2006 at 8:02 p.m.
I'm sure this is old news to most people who know me, but I bought a new car a little while ago. It's a 2007 Toyota Yaris Liftback with a manual transmission. I bought it through Costco's car purchase program, which I highly recommend to anyone shopping for a new car. Negotiating with car dealers is always a headache, and I wasted three weeks trying to convince dealers to actually sell me the car I wanted. Once I went through Costco, it was a snap. You still buy from a dealer, but effectively you let Costco do the negotiating for you.

In the end, I bought it from Torrance Toyota dealership. They were very nice.

The Yaris is a great little car. It is peppy, its handling is responsive but not twitchy, and it is comfortable. I would describe it as "adroit," but that is anthropomorphizing a bit too much. It is a small car, but it isn't cramped. I'm 6'3" (when I stand up straight), and I don't need to push the driver's seat back all the way. It's even possible for a normal-sized person to sit behind me (though maybe not comfortably enough for a long road trip). Most aspects of the car are minimalist but clever. The factory sound system is surprisingly good.

The gas mileage is quite good. I've filled the tank up twice so far, and I calculate that I'm getting just shy of 40 MPG. I should be able to improve that a little as I get used to the clutch and don't need to rev the engine so much when starting in first.

That said, I'm a little disappointed that it's still impossible to buy an electric car. The Yaris, and vehicles of its class, could easily be electric. The Yaris is a commuter appliance, not a family car. They are too small for most people to want to take them on long road trips, so a range of 100 miles is perfectly acceptable. That's easily within the reach of today's technology.

For the last several years, America has supposedly been the land of the pickup tuck and the SUV. However, at the same time, America absolutely fell in love with the Toyota Prius and the hybrid engine. Car companies executives seem to understand well enough that there is demand for a wide spectrum of vehicles -- Toyota itself offers a bewilderingly extensive range of models. Why can't they understand that there is also a demand for a wide spectrum of engine technologies? People who buy minivans might well be interested in taking the family on a road trip to Yosemite, but that same family probably owns another car that almost never travels more than 50 miles from home. The bulk of American drivers live in or very near urban centers, where smaller, electric cars would be ideal. Yet, car companies seem unable to sell anything but large, general purpose vehicles.

One day, a car company will realize this, and make billions. It would make me very happy if those billions stayed here in the USA.

Calling Mr. Obvious

Posted by Russell on December 01, 2006 at 2:22 p.m.
Evidently, cyber-jihadists are planning to launch an attack on the web sites of US stock market and banking web sites, or so the U.S. Computer Emergency Readiness Team has learned from a blog somewhere.

I'm sure the security operations people at those institutions are glad for the heads up, although they are probably a little busy dealing with the millions of other attacks that hit those web sites every day. The NYSE's web site, and the web site of all major stock exchanges, are not strictly necessary for critical operations. In the unlikely event that the attacks succeed (where millions of other similar attacks fail), there would be no impact on the exchange itself. In any event, it doesn't seem as if website defacement is a major concern. Christopher Westfall, Managing Editor of KPMG's Banking Insider wrote in the Winter 2005 report "The State of the Banking Industry" :

"Usually, [remote] attacks against systems or networks are transient and don't have a long-term impact," [Goldman-Sachs vice president Byron] Collie said. Remote cyberattacks usually lack the widespread network access rights needed to cause serious damage. "Without access, no amount of technology will help," Collie added.

In the past, terrorists have used external computers as their method of attack in a few less-than-successful campaigns. Collie pointed to "cyberwar" between Israelis and Palestinians between October of 2000 through January of 2001. During that period, attackers from 23 countries hit eight governments, mostly with denial-of-service attacks and Web site defacements touting pro-Israeli or pro-Palestinian causes.

"There was a lot of hype in the media, so a lot of things that followed came under the definition of cyberterrorism," he said. Last summer, several banks and other financial industry firms were put on higher alert after detailed information identified several buildings as terrorism targets. But an employee with even the lowest security clearance into a financial services firm’s network can do enormous damage.

Website defacement is one of the least important threats to a financial company, with the possible exception of online banks (though even online banks usually separate their public websites from their banking web applications). If I were a security operations officer at a major company, I would be tempted to treat the main part of the public website as a sort of punching bag for people who are angry at the company. I might deliberately allow defacement of the website every now and then, on the grounds that this will probably satisfy most determined attackers. Having scribbled their message across the main home page, they would likely be less inclined to attack assets that are actually important.

So, as long as the DHS is recycling marginally credible threats of annoying mischief that it finds on obscure blogs, I might as well reveal that I am planning to explode some expensive TV broadcast satellites using focused beams of my own brain waves.

OMFGPetewithagun!

Posted by Russell on December 01, 2006 at 2:48 a.m.
Pete, why did you have to go and shoot holes in that perfectly good paper? What did it ever do to you?

Then again, I write equations on perfectly good paper. If I were the paper, I'd take the holes.