Tuesday, June 14, 2011

The darker side of bitcoin

Isn't it funny how sometimes life seems to follow a theme? Here I am being all paranoid about security and not five minutes later I stumble across this:


Hi everyone. I am totally devastated today. I just woke up to see a very large chunk of my bitcoin balance [has been stolen].

I feel like killing myself now. This gets me so f'ing pissed off. If only the wallet file was encrypted on the HD. I do feel like this is my fault somehow for not moving that money to a separate non windows computer. I backed up my wallet.dat file religiously and encrypted it but that does not do me much good when someone or some trojan or something has direct access to my computer somehow.

...

Block explorer is down so I cannot even see where the funds went.

I tried restoring an earlier backup of my wallet but naturally that does not work because the transaction has already been validated.

Needless to say I feel like I have lost faith in bitcoin.

Anyone have any ideas what I can do besides just jump off a bridge?!


No, there is nothing that this poor sod can do. That is the whole point of bitcoin. It's untraceable virtual cash, and like physical cash, if someone steals it from you it's gone for good.

Wow, the bitcoin that was stolen was worth about half a million dollars at current exchange rates. You gotta wonder if the motive was profit or to undermine trust in bitcoin.

A possible flaw in open-source bcrypt implementations

[NOTE: See updates below and here.]

I'm working on an application that requires a secure password hash. The state of the art is Colin Percival's scrypt but the available code base is not very developer-friendly. Scrypt is published as a self-contained file-encryption utility, and to extract the key-derivation function is not trivial. It's not a lot of work, but it does require a fairly deep understanding of how scrypt actually works under the hood to make sure that you don't screw it up (and crypto code is notoriously easy to screw up even for someone who knows what they are doing). So I decided instead to try bcrypt, which is not as secure as scrypt but is a lot easier to use because it has python bindings and a password-hashing-friendly API.

So I downloaded and installed py-bcrypt, ran a few tests, and everything seemed to be working properly. But then I noticed something odd. The hash produced by py-bcrypt was 60 bytes long:


>>> import bcrypt
>>> bcrypt.hashpw('x', bcrypt.gensalt())
'$2a$12$w6IdiZTAckGirKaH8LU8VOxEvP97cFLEW5ePVJzhZilSa5c.V/uMK'
>>> len(_)
60


Let's deconstruct that. The format of the bcrypt hash is:

1. A 7-byte header ("$2a$12$") identifying this as a bcrypt hash, followed by...

2. A 22-byte base-64 encoded salt ("w6IdiZTAckGirKaH8LU8VO") which decodes to a 128-bit binary salt value, followed by...

3. A 31-byte base-64 encoded hash ("xEvP97cFLEW5ePVJzhZilSa5c.V/uMK") which is supposed to decode to a 192-bit hash.

Except that it doesn't. 31 base64 encoded bytes only yield 184 binary bits. One byte of our hash has gone missing. [NOTE: this is corrected from an earlier version where I had two bytes missing. Those damn off-by-one errors :-) ]

OK, so maybe someone accidentally introduced an off-by-one error into the python wrapper. Except that the problem is not in the python wrapper. You can find bcrypt test vectors on the web, and they are all 60-byte strings.

It gets weirder.

The official bcrypt paper says (and other accounts corroborate) that bcrypt is limited to hashing 55-byte-long passwords. But empirically, py-bcrypt uses up to 72 bytes:


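>>> from bcrypt import hashpw
>>> s = '$2a$12$w6IdiZTAckGirKaH8LU8VO'  # header and salt taken from the hash above
>>> hashpw('x'*71, s)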
'$2a$12$w6IdiZTAckGirKaH8LU8VOMZSlhS0VSZlNwXRObFsZV4.wyRyEn9.'
>>> hashpw('x'*72, s)
'$2a$12$w6IdiZTAckGirKaH8LU8VOD.VdDKdNfUBylAAnnmZvJuKg6dhqMLq'
>>> hashpw('x'*73, s)
'$2a$12$w6IdiZTAckGirKaH8LU8VOD.VdDKdNfUBylAAnnmZvJuKg6dhqMLq'
>>>


That is a very big discrepancy between the actual behavior of the code and the description given in the literature. It's vastly too big a discrepancy to be explainable by a simple inadvertent bug.
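Both observations can be checked directly from the strings quoted above, without trusting any bcrypt library. The following is an added example, not code from py-bcrypt or from the original post; the function names are made up for illustration, and the only inputs are the hash strings printed in the transcripts above.

```python
import re

# bcrypt uses its own base64 alphabet (not the RFC 4648 ordering) and no '=' padding.
BCRYPT_B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"

# header "$2a$" + two-digit cost + "$", then 22 salt characters and 31 digest characters
HASH_RE = re.compile(r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")

# Hash strings copied from the transcripts above, keyed by the length of the 'x'*n password.
PAGE_SAMPLES = {
    71: "$2a$12$w6IdiZTAckGirKaH8LU8VOMZSlhS0VSZlNwXRObFsZV4.wyRyEn9.",
    72: "$2a$12$w6IdiZTAckGirKaH8LU8VOD.VdDKdNfUBylAAnnmZvJuKg6dhqMLq",
    73: "$2a$12$w6IdiZTAckGirKaH8LU8VOD.VdDKdNfUBylAAnnmZvJuKg6dhqMLq",
}


def bcrypt_b64decode(text):
    """Decode bcrypt-style base64. Returns (whole_bytes, number_of_leftover_bits)."""
    acc = 0      # bit accumulator
    nbits = 0    # number of valid bits currently held in acc
    out = bytearray()
    for ch in text:
        idx = BCRYPT_B64.find(ch)
        if idx < 0:
            raise ValueError("invalid bcrypt base64 character: %r" % ch)
        acc = (acc << 6) | idx
        nbits += 6
        if nbits >= 8:
            nbits -= 8
            out.append((acc >> nbits) & 0xFF)
            acc &= (1 << nbits) - 1
    return bytes(out), nbits


def parse_bcrypt(hash_string):
    """Split a 60-character bcrypt string into its fields and decode salt and digest."""
    m = HASH_RE.match(hash_string)
    if m is None:
        raise ValueError("not a 60-character bcrypt hash string")
    version, cost, salt_b64, digest_b64 = m.groups()
    salt, _ = bcrypt_b64decode(salt_b64)
    digest, _ = bcrypt_b64decode(digest_b64)
    return {
        "version": version,
        "cost": int(cost),
        "salt": salt,
        "salt_bits": len(salt) * 8,
        "digest": digest,
        "digest_bits": len(digest) * 8,
    }


def truncation_point(samples):
    """Given {password_length: hash} for same-character passwords hashed with one salt,
    return the smallest length whose digest equals that of the next longer password,
    i.e. the number of password bytes that actually influence the hash. None if not found."""
    lengths = sorted(samples)
    parsed = {n: parse_bcrypt(samples[n]) for n in lengths}
    if len({p["salt"] for p in parsed.values()}) != 1:
        raise ValueError("samples must share one salt to be comparable")
    for shorter, longer in zip(lengths, lengths[1:]):
        if parsed[shorter]["digest"] == parsed[longer]["digest"]:
            return shorter
    return None


if __name__ == "__main__":
    fields = parse_bcrypt("$2a$12$w6IdiZTAckGirKaH8LU8VOxEvP97cFLEW5ePVJzhZilSa5c.V/uMK")
    print("cost:", fields["cost"])
    print("salt bits:", fields["salt_bits"])
    print("digest bits:", fields["digest_bits"])
    print("password bytes that matter:", truncation_point(PAGE_SAMPLES))
```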

Now, some people might say I'm being excessively paranoid, but I don't think so. The higher the stakes in the internet security game get, the more incentive there is for attackers to try all kinds of sneaky and nefarious tricks to introduce weaknesses into people's defenses, and one of the easiest ways to do that is to publish some plausible-looking open-source security code that actually has a hidden weakness built in to it and hope that nobody notices. So IMHO it is prudent to raise at least a yellow flag any time the actual behavior of security code deviates from its peer-reviewed specification. When it comes to security, a certain level of paranoia can be prudent.

I sent an email to the author of py-bcrypt asking about this but didn't get a response. If anyone who knows their way around crypto code can shed some light on this I would be very grateful.

[UPDATE: My general level of paranoia has been at least partially vindicated]

[UPDATE2: The discrepancies have apparently been cleared up]

Wednesday, June 08, 2011

Obamacare takes another step towards the grave

A year ago March I predicted that the Supreme Court would overturn Obamacare on Constitutional grounds. Today the LA Times reports:


A top Obama administration lawyer defending last year's healthcare law ran into skeptical questions Wednesday from three federal judges here, who suggested they may be ready to declare all or part of the law unconstitutional.

Acting U.S. Solicitor General Neal K. Katyal faced off against former Bush administration Solicitor General Paul Clement in what has become the largest and broadest challenge to the healthcare law. In all, 26 states and the National Federation of Independent Business joined in urging the judges to strike down the law.

... in an ominous sign for the administration, the judges opened the arguments by saying they knew of no case in American history where the courts had upheld the government's power to force someone to buy a product. [Emphasis added.]


So it's looking good for my prophetic abilities. Not so good for the country.

Tuesday, June 07, 2011

One dollar, one vote

Former Minnesota Gov. Tim Pawlenty is calling for big tax cuts. (My, what an innovative idea.)


In order to offset any lost tax revenue — and to tackle the deficit — Mr. Pawlenty calls for something called “The Google Test” to determine whether the government should be involved in a program.

“If you can find a good or service on the Internet, then the federal government probably doesn’t need to be doing it,” Mr. Pawlenty says.


Hm, let's see what we can find on Google nowadays. I can find this. And this. And this. And this and this and this. Oh, those aren't goods and services available for sale you say? Well, how about this or this or this.

The point being (not that this should come as a surprise to anyone who hasn't been living in a cave for the last ten years): you can find freakin' anything on Google. Of course the private sector will step up and provide any service that the government doesn't for which there is demand. But you might not like the terms.

Here's the problem: we as a society are not willing to let people suffer the consequences of their actions, and with good reason: sometimes the consequences of your actions affect the people around you. Want to ride a motorcycle without a helmet? If you splatter your brains on the sidewalk it's not just you that suffers. It's your kids. It's your employer (or your employees). It's whoever gets stuck with the job of scraping you and your motorcycle off the pavement and disposing of them. And if you should be so unfortunate as to survive the accident, people seem generally unwilling to muster the cold-heartedness to let you die if your insurance premiums aren't up to date, or your pockets aren't deep enough.

So we build emergency rooms and make rules that they can't turn you away if you can't pay. We fund police and fire departments in the recognition that if your neighbor's house is robbed or burns down, you suffer too. We build schools because if your fellow citizens are uneducated, you suffer, because they vote.

Unless, of course, they didn't.

The idea of one-person-one-vote that we Americans claim to hold in such high esteem is actually a fairly recent innovation. When our country was founded it was one-landowner-one-vote. Then it became one-white-male-one-vote, then one-white-person-one-vote.

Most of us like to think that these are settled issues. But it is in our nature as humans to seek power and influence, and unlike wealth, where trades can produce winners on both sides, power and influence are zero-sum games. The whole point of having power and influence is to get other people to do what you want instead of what they want. Someone has to pick the vegetables, clean the sewers, fight the wars. How do you decide who draws the short straw?

It turns out there are lots of ways, some better than others. You can create a government and have it make the decisions. You can create a free-market economy and let that decide. Or you can create a system where some people are left with no alternative but to do the dirty work or starve.

That is what the Republican program of dismantling government is heading towards. If you replace government with the free market, then you replace one-person-one-vote with, effectively, one-dollar-one-vote, which some people (generally those with lots of dollars) genuinely consider to be a good thing.

I have to hand it to the Republicans though. Their marketing is brilliant. If they presented their agenda at face value they'd be run out of town on a rail. So instead they wrap their anti-democratic ideals in the flag and convince people that it's patriotic to fight the wars for starvation wages (and put up with being abandoned afterwards).

But it's not patriotic to pay more taxes. Oh, no.

I genuinely don't understand why anyone who isn't a millionaire would fall for this transparent scam. But they do, and by the tens of millions. I wish I did understand it because if I did I'm pretty sure I could make a lot of money.

Thursday, June 02, 2011

If there was any doubt in your mind...

... that we are in another bubble, this should dispel it. Groupon, a three-year-old company with zero profit, is filing for an IPO. Why do they need the money? Because they took all of their previous investment rounds and paid them out to earlier investors:


In January, Groupon raised $950 million. By the end of March, it had $209 million in cash. What happened to all that money? The company’s IPO filing spells that out: Almost all of it went right back out the door, to employees and early investors. ... Of note: This wasn’t the first time Groupon had raised money and taken cash off the table. In April 2010, the company raised $130 million, and handed $120 million to many of the same people.


If it quacks like a Ponzi scheme...

Damn straight

"The global war on drugs has 'failed'" according to a new report by ... The Global Commission on Drug Policy.

Friday, May 20, 2011

The world will end tomorrow (or is that today?)

I'm going to go out on a limb here and go on the record as predicting that the world will not end tomorrow. (Actually, in some parts of the world it's already tomorrow.)

In Samoa, they recently hopped from one side of the international date line to the other. Does this mean the world will end 24 hours sooner in Samoa than it otherwise would have?

Saturday, May 14, 2011

The Morganza spillway is not the story

The opening of the Morganza spillway for the first time since 1973 is at the top of the news. It's dramatic. A lot of people will lose their homes in order to save a lot more people from losing theirs.

But that is not the story. Or at least it shouldn't be.

The real story is 35 miles upriver, near the town of Simmesport, Louisiana. There, in 1963, the U.S. Army Corps of Engineers built a floodgate system very similar to Morganza called the Old River Control Structure, or ORCS. The reason the ORCS gets less attention is that water flows through it continuously, so the fact that water is flowing through it now isn't news. The ORCS controls the flow of water between the Mississippi and another river called the Atchafalaya. The Atchafalaya is not a tributary of the Mississippi, it is a distributary. The Mississippi forks at Simmesport, and part of its flow diverts into the Atchafalaya as part of a natural process called avulsion. It works like this: a river carries sediments. Over time those sediments are deposited in natural levees which periodically change the river's course. The Mississippi naturally changes course about once every thousand years or so. The next course change is overdue. When, not if, it happens, the Mississippi will divert into the Atchafalaya, which follows a much shorter and hence steeper course to the Gulf of Mexico than the Mississippi does now.

The ORCS was built to prevent this course change from happening. The flow is carefully controlled to keep the Mississippi from fully diverting. But in 1973, the last time a "hundred-year flood" happened on the Mississippi, the flow of water through the ORCS was so massive and turbulent that it undermined the structure's foundations and it very nearly failed. If it had failed, the water would have enlarged the Atchafalaya to the point where the process would almost certainly have become irreversible. The Mississippi River as we know it would have ceased to exist.

It is probably only a matter of time before the ORCS does fail. It was shored up after 1973, but water has a way of going where it wants to go. The Mississippi's sediments are building up, and the more they do the more attractive the Atchafalaya's shorter and steeper route becomes. This could be the year.

If it is, it would be an economic catastrophe of epic proportions. Morgan City, Louisiana would more or less cease to exist. The Mississippi would still flow through New Orleans, but it would not have enough water to support the deep-water river traffic it does today, and it would no longer be a suitable source of drinking water for the city of New Orleans. Most of the Gulf oil and fishing infrastructure would have to be rebuilt. It would be -- sorry, will be, because it's only a matter of time before it happens -- Really Really Bad (tm).

Despite this, I have yet to see any mention of the ORCS in any mainstream news outlet.

Tuesday, May 03, 2011

Also worth noting

The intelligence that proved crucial to finding Bin Laden was not obtained through torture.

More on Bin Laden's victory

This is from Ezra Klein in The Washington Post:


Did Osama bin Laden win? No. Did he succeed? Well, America is still standing, and he isn’t. So why, when I called Daveed Gartenstein-Ross, a counterterrorism expert who specializes in al-Qaeda, did he tell me that “bin Laden has been enormously successful”? There’s no caliphate. There’s no sweeping sharia law. Didn’t we win this one in a clean knockout?

Apparently not. Bin Laden, according to Gartenstein-Ross, had a strategy that we never bothered to understand, and thus that we never bothered to defend against. What he really wanted to do — and, more to the point, what he thought he could do — was bankrupt the United States of America. After all, he’d done the bankrupt-a-superpower thing before. And though it didn’t quite work out this time, it worked a lot better than most of us, in this exultant moment, are willing to admit.

Monday, May 02, 2011

Go figure

Some pictures just speak for themselves.

That didn't take long

The birthers have already found a new angle:


A group of die-hard "birthers" took their conspiracy theory about President Obama's birthplace to a panel of federal judges Monday, urging the nation's second-most-influential court to consider what they say is evidence that the president has faked vital documents all his life and is ineligible to be head of state.


Can I call 'em or what?

[UPDATE] Cindy Sheehan is leading the conspiracy nut pack with the theory that Osama bin Laden is not dead. As I post this, 193 people have "liked" her FB post.

More hypocrisy from the right

One of the first things I thought to myself on hearing about the death of Bin Laden was: I wonder how Fox News and friends are going to spin this to make Obama look bad. Now I know.

Bin Laden's ultimate victory

David Sirota nails it:


"This is bin Laden’s lamentable victory: He has changed America’s psyche from one that saw violence as a regrettable-if-sometimes-necessary act into one that finds orgasmic euphoria in news of bloodshed. In other words, he’s helped drag us down into his sick nihilism by making us like too many other bellicose societies in history -- the ones that aggressively cheer on killing, as long as it is the Bad Guy that is being killed."


There's also this from HeathenFace on Reddit:


I will not remember today for Osama's death. I will remember it for the way I felt watching the videos of my countrymen celebrating in the streets of New York and Washington. I don't recognize them, these people waving flags, singing, and pouring their jubilation into the night because we killed someone. And what about all the others that have been killed? During 10 years we spent unbelievable amounts of blood and treasure, enacted unthinkable civil liberties legislation, and turned ourselves into brutes for this.

And there we were out on the streets. Brutes. We have become brutes.

Yes, the world is a better place without Osama bin Laden. But I fear what this has brought out in us. The structural factors that create Osama bin Ladens still exist, and unless we work to change those, we will continue to undermine ourselves by giving our attention to tomorrow's straw man.


I'm not sure which is more tragic, that Osama Bin Laden achieved what he set out to do, or that we didn't notice.

Wednesday, April 27, 2011

Patriotic Millionaires mix it up with Orrin Hatch

I am a "member" of a "group" called Patriotic Millionaires for Fiscal Strength. The reason I put the words in scare quotes is that nothing binds us together except for the fact that we've all signed a letter to the powers that be in Washington urging them to raise taxes on the rich (which is us) in order to reduce the budget deficit. This apparently got the attention of Senator Orrin Hatch who felt the need to lecture us about the fact that we can make voluntary contributions to the government:


For those that are interested in making voluntary contributions to pay down the national debt, the process is both easy and advantageous. Federal law authorizes the Secretary of the Treasury to accept conditional gifts to the United States for the purposes of reducing the public debt. Individuals can go to the website pay.gov where they are able to make a tax deductible charitable contribution to pay down the public debt.


I'm proud to have been the principal drafter of a response to Senator Hatch. I reproduce it here in its entirety:


Dear Senator Hatch:

Thank you for your letter of April 20. With all due respect, you appear to be laboring under a number of misapprehensions. On behalf of the "so‐called" (your words) Patriotic Millionaires we would like to take this opportunity to set the record straight.

First, we are well aware that making voluntary contributions to reduce the deficit is an option that is open to us. That you seem to think reminding us of this is a constructive contribution to this serious debate indicates that you have missed the point. In our democracy, individual citizens do not get to pick and choose what government spending to pay for. You and your colleagues over the past decade have voted for vast outlays that many of us as individuals might not agree with. Nonetheless, we recognize our responsibility as citizens to pay for these expenditures, which were authorized by our elected representatives, and are therefore ultimately our collective responsibility. That is an intrinsic part of living in a democracy: you don't get to opt out.

But letting people opt out is precisely what you are suggesting with your proposal of paying down our debt with voluntary contributions. In World War II, when we faced great challenges as a nation, we didn't ask for voluntary contributions to pay for the war, or ask only those who supported the war to contribute. We had high taxes during the war, and high taxes to pay down the debt, afterward. Today, we benefit from that fiscal discipline. But we are undoing those benefits to society by cutting taxes on the wealthy at the same time we face enormous expenses and are carrying enormous debt. We need all of the above to address this problem, just as we have done in the past.

During World War II, we even resorted to rationing to share the burden of war more equally. Who is paying the burden of war, today? Our less privileged, who fight and die in disproportionate numbers, and our future generations, who will bear the burden of the debt. We think that is shameful.

We are ready to step up to the plate with a willingness to sacrifice for the greater good but we are not willing to make that sacrifice in vain, which it surely would be if we followed the course that you suggest. You even point this out yourself in your letter when you note that "the Bureau of Public Debt recorded only $3.1 million in gifts in 2010." We have been more fortunate than most people, but we are a very small group. If there were even the remotest chance of making a noticeable dent in the problem by acting alone we would have done it already. But we are a few dozen people in a nation of over 300 million facing a debt measured in the tens of trillions. To suggest that we try to tackle this problem by making individual contributions is, frankly, insulting. It is like suggesting to someone expressing a desire to serve their country by bearing arms that they buy a rifle and a plane ticket to Afghanistan. Some problems are too big to be solved except through collective effort and shared sacrifice, and this is one of them.

Second, you write: "this debt crisis is not caused because we tax too little. It is caused because our nation spends too much." This is quibbling over semantics. Deficits result when spending exceeds receipts. Whether that happens because spending is too high or receipts are too low is a matter of perspective and priorities.

In 1977 when you first became a Senator, the U.S. National Debt was approximately $700 billion – that’s with a B ‐ or 36% of then‐GDP. At the end of 2008, before Barack Obama came to the White House, the National Debt ballooned to almost $10 trillion – that’s with a T ‐ and about 70% of 2008 GDP (OMB). While there are different opinions as to how this happened, the National debt did not creep up on us suddenly. The spending that led to such debt resulted from the collective actions of Senators and House Representatives, including you.

It is true that government spending levels are at historic highs, but it is also true that tax rates (and hence receipts) are at historic lows in terms of percentage of GDP. It is the combination of these two factors that has taken us from surplus to near‐catastrophic deficits in a mere decade.

Third, you cite Kevin Williamson's argument that "a public school administrator earning $130,000 married to a pharmacist earning $125,000 a year is rhetorically lumped together with millionaires and billionaires." That may be, but it is Williamson doing the rhetorical lumping, not us. We have urged the President to raise taxes only on people earning over $1 million a year, so Williamson's argument is a complete non‐sequitur. But even under the most aggressive plan currently on the table, Williamson's hypothetical couple would pay zero additional taxes, as deductions and exemptions would reduce their taxable income to well below $250,000.

Finally, we would like to remind you of two historical points. The first is that the Constitution of the United States of America was established for the express purpose of "promot[ing] the general welfare" and not just the welfare of the rich and powerful. Over the last ten years we, the signatories of the PM letter, have done very well, in no small measure because we benefited from public education, government services, a civil society, and world‐class infrastructure, all provided by the government. However, our good fortune has not been shared by the vast majority of our fellow citizens and since our success has been supported by the general public, we feel an obligation to pay back.

The second historical point is that we have faced a crisis like this before. In the early 1990's we successfully addressed a similar crisis through a combination of tax increases and spending cuts. As a result, in 2000 we were not debating how to address a debt crisis, but rather how best to dispose of a budget surplus. It is also worth noting, as a matter of historical fact, that we reached this happy state of affairs through a bipartisan effort involving a Democratic president and a Republican Congress. This makes us fundamentally optimistic that the problem we face today is surmountable.

You close by expressing concern about raising taxes on us "during a vulnerable economic recovery." It is precisely because we do not want this problem solved solely on the backs of the most vulnerable that we have asked the President to call us to our duty. To him and to you we say again: raise our taxes. We can take it.

A comedy of political errors

The White House has "released" (you'll see why I put that word in scare quotes when you follow the link) the long form of his birth certificate. Donald Trump immediately took credit for "hav[ing] played such a big role in hopefully getting rid of this issue." The CSM gives the win to Trump, saying, "In politics, anytime you force an opponent to react to you, as opposed to talk about what they want to talk about, you’ve often scored a point."

The CSM is right, but it overlooks one important point: this will not get rid of the issue. It will only fan the flames higher. There is a reason that conspiracy theories have "conspiracy" as a prominent part of their name. They are impervious to facts because "facts" can be manufactured. You don't even have to try very hard to concoct a birther-friendly explanation of the alleged long-form birth certificate. For starters, the White House did not release the document in a sane format, like an image or a PDF. They "released" it as an Adobe Flash file. So you can't look at the whole document, you can only peer at it through a teeny weeny little window. Yes, you can zoom in and out and pan around, but if you zoom in far enough to be able to read the text you can only see a tiny part of the document. Why did they do this? Obviously there can only be one "reasonable" explanation: the White House is desperately trying to conceal the fact that the document is a forgery.

So yes, Trump scored a point by making the President react. But then he conceded the game by implicitly accepting the document as legitimate! You can't have it both ways. Either you're playing for the loons or you aren't. Switching horses in mid-stream is political suicide. Trump already lost all the sane people when he signed on as a birther in the first place, but now he will lose the birthers too because he's become part of the conspiracy!

This is Trump's greatest weakness: he can't stop himself from gloating over a victory. It just cost him the White House.

[Update] Turns out they released it as a PDF too. But of course that won't matter either, they'll just come up with some other story.

Tuesday, April 26, 2011

Is it Lisp or is it me?

John D. Cook writes:


I’m skeptical when I hear someone say that he was able to program circles around his colleagues and it’s all because he writes Lisp. Assuming such a person accurately assesses his productivity relative to his peers, it’s hard to attribute such a vast difference to Lisp (or any other programming language).

...

There are genius programmers who write Lisp, and Lisp may suit them well. But these same folks would also be able to accomplish amazing things in other languages.


As someone who has specifically gone on the record saying pretty much exactly that (more than once) I feel the need to refute this claim.

Since the argument is based on the premise that I was in fact more productive than my peers, I have to toot my own horn a bit more than I'm generally comfortable with. I spent twelve years of my early career at the Jet Propulsion Lab during which time* I was promoted to the rank of Principal, the highest rung on the technical career ladder. I think it's safe to say that I did not achieve this through my sparkling personality, my willingness to brown-nose, or my finely honed political skills. In fact, looking back on it, I think at one time or another I managed to alienate about 90% of the people I came in contact with. So the only reasonable explanation of the fact that I was promoted instead of fired was that I produced results.

That still leaves open the possibility that I'm just freakin' brilliant, and that I could have (and would have) produced the same results in any old programming language. But there is actual data to refute that theory.

First, when I was at Google I got to see firsthand what real coding genius looks like, and it ain't me. There were dozens of people at Google who could code so fast and so effectively that it literally left me slack-jawed. My colleagues regularly did things that I would not have even thought possible had I not seen them with my own eyes.

Second, when I tried to learn to do what they were doing, I failed miserably. I tried to wrap my brain around Java and C++ and I just couldn't. I found myself so frustrated by the fact that I had to manually worry about a zillion little details that I could just ignore if I were using Lisp that I got a mental wedgie and I just couldn't get past it. I'd get bogged down in protection faults, STL errors that scrolled off the top of the screen, the fetid cesspool that is Perl, and get so frustrated that I just couldn't make any progress.

Third, I'm not the only one this has happened to. When I was working on the remote agent experiment an attempt was made to port part of that code (the planner) from Lisp to C++. After a year that effort had to be abandoned because the planner team just couldn't make it work. So it's not just me.

Fourth, it just seems obvious from first principles that if you're using a language where you don't have to worry about memory management, you're going to get things done quicker and more reliably than in a language where you do.

It is because of all this that I attribute my own success more to Lisp than to my personal coding prowess.

This is not to say that Lisp is a panacea. I do believe in the Lisp curse: that the power of the language is in some respects self-undermining because it empowers the individual and so tends to attract people who don't work well in teams. A team of competent programmers willing to put up with bullshit will out-compete a lone wolf striving for elegance no matter how brilliant he is. It's sad, but that's the way it is.

---
[*] To be strictly accurate, after 12 years I was a Senior, one rung below Principal. I then left for a year to work at Google, and when I returned I was re-hired as a Principal.

Friday, April 22, 2011

New startup rule: revenue pages should get top priority

My world, along with that of a zillion other geeks, came crashing down around me about 24 hours ago when Amazon Web Services went down and took Reddit down along with it. Things are slowly returning back to normal, but at the moment only paid Reddit Gold members are being allowed to log in. I've actually been meaning to sign up for Gold for a while just on general principle because I like Reddit and want to see it continue to thrive, so this seemed like as good a time as any. Unfortunately, it turns out that to sign up you have to log in. Catch-22.

So... if you're doing an on-line startup, you should build it in such a way that the revenue path stays up no matter what, or at least is absolutely the last thing to go. You never know when or why people might want to give you money. You should never make it impossible for them to do so.

Thursday, April 21, 2011

Articles on the web need to be prominently dated

During my morning read-through of the day's news I ran across this link pointing to a Washington Post article disclosing the existence of what are essentially secret police operations conducted by the FBI without a court order. Naturally my blood began to boil and I dashed off an indignant blog post. Only after I published the post and it had been up for a while did I notice that the article was from 2007.

This is one of the problems with digital media. Back when newspapers were on paper it was easy to tell if an article was old: the paper would be yellow and frayed. There are no such cues on the web. Every article is as pristine as the day it was written, so unless there are some obvious stylistic cues there is no way to tell when a particular article was written unless it is dated. And even if it is dated, can you really trust the date?

The web really needs some infrastructure for producing reliable and prominent timestamps.

Wednesday, April 20, 2011

A split-brain experiment

My sister pointed me to this video about a particularly interesting split-brain experiment. In these experiments, the corpus callosum, the bundle of nerves that connects the two hemispheres of the brain, is surgically severed, usually as a treatment for severe epilepsy. The result is literally two separate brains residing in the same body, which can develop two separate personalities. In this case, one of the personalities believes in God and the other one doesn't. As the speaker observes, this raises a profound theological question: what happens when this person dies? (And no, saying this person has two souls doesn't solve the problem, because that just raises the question of when he acquired his second soul.)

Personally, I believe this is just an extreme case of what is actually a much more common phenomenon than is generally appreciated. Our conscious selves are not, in fact, the coherent whole we perceive them to be. The perception we have that we are "individuals" with an "essence" or an identity that is constant across time or even coherent at any given moment is an illusion. This can be demonstrated by a wide range of psychophysics experiments, but I don't have time to look those up at the moment. Fodder for a future post. Someone remind me.

Abortion and the Bible

Abortion is once again in the news because the anti-choice mafia is successfully taking over the state house. So this seems like as good an excuse as any to point out the fact that the Bible does not support the pro-life position.

I wouldn't go so far as to say that the Bible is pro-choice (at least not for women) but it turns out that it is explicitly against the proposition that life begins at conception. Exodus 21:22 says:


“If people are fighting and hit a pregnant woman so that she miscarries but there is no serious injury, the offender must be fined ...”


So killing a fetus should be punishable by nothing more than a fine.

That should be game, set and match in the debate over whether abortion is murder, but of course it won't be because religion is not about truth, it's about feeling good, so as long as fighting for "innocent unborn children" feels good, no amount of logic nor the Word of God will deter the anti-choicers from their fix.

Tuesday, April 19, 2011

Oh, puhleez!

People are playing Quidditch. Or at least they're trying. They're adapting the game to conform to the laws of physics, but the result sounds less like Quidditch and more like the bastard stepchild of curling (they use brooms), rugby and Calvinball:


Welcome to the wild and weird sport of Muggle Quidditch, where boundary lines are suggestions, four balls are in play at any given time, and every player -- except for the elusive golden Snitch -- dashes about with large, bristly broomsticks held mid-thigh. Six years ago, the game was just a cool idea hatched by a group of students at Vermont's Middlebury College; today, there are more than 700 teams on high school and college campuses worldwide.


No, I'm sorry, but this is not "a cool idea", this is a completely stupid idea. The whole point of Quidditch (the "real" version, the one in J. K. Rowling's books) is that you can't play it in real life because it requires actual magic. That's what gives it its charm (so to speak). Quidditch without magic is like water polo without water. And, I'm sorry, but carrying a broom between your legs while you run around is just ridiculous. I hate to be a wet blanket, but someone needs to get a life.

Raising taxes on the rich will not harm the recovery

We've actually done this experiment once before back in the 90's. The Republicans screamed bloody murder. They were wrong then, and they are wrong now.


The universal claim of Republicans in 1993 was that if the Clinton budget and its tax hikes on the wealthy ever became law, the country would immediately be plunged into another recession and millions of Americans would lose their jobs. That didn't happen at all. Moreover, when the economy began growing rapidly in the middle and late years of the decade, the new, higher rates established by the Clinton budget helped produce a massive revenue windfall -- enough to lead to record surpluses and to bring into sight the elimination of the entire national debt. You don't need to claim that Clinton's '93 budget itself spurred the economy or that it was the only reason a balanced budget was reached so quickly (yes -- there were other factors!) to acknowledge that (a) it did not cause any of the economic turmoil that Republicans guaranteed Americans it would and it did not hinder -- at all -- the sustained growth that marked the rest of the decade; and (b) it brought in far more revenue than the pre-Clinton budget tax rates would have -- and this revenue made achieving a balanced budget much easier.

Kentucky church comes out in support of gay marriage

Tip o' the hat to the Douglass Boulevard Christian Church in Louisville, Kentucky whose members have voted to support gay marriage. In fact, they've gone one step further and voted to publicly protest marriage discrimination against gays by not signing marriage licenses until gay marriage is legalized.


"In our attempt to live out God's call to pursue justice for all, the Elders of the congregation joined the Pastors in witnessing to the right for gay and lesbian persons to God's blessing on their union and witnessing to the Commonwealth toward ending the refusal to recognize these unions," said Rev. Chuck Lewis, Chair of Elders with the church.


Kudos!

Saturday, April 16, 2011

Thank you to my adoring fans! :-)

Just over a year ago (holy cow, has it been that long?) I was privileged to attend the premiere of a film made by a friend of mine named Hillary Scarl called See What I'm Saying, the Deaf Entertainers Documentary. (It's a really great film. If you haven't seen it, DVDs are now available :-)

That was a real Hollywood premiere. It took place at the Egyptian theatre. About ten million people attended (well, maybe not quite that many, but it felt like it). There were limos, a band, paparazzi, a red carpet, acrobats (no, really!) ... the whole shlemobble.

My premiere last night wasn't like that.

We were planning to show up half an hour ahead of time just to leave some margin, and it's good we did because we hit traffic and only arrived ten minutes early. We were the first ones there. "There" turned out to be an old naval base in Alameda (near where they film "Mythbusters"). We were really wondering if we had the right place. If you can imagine a place that looks nothing at all like the place where you'd hold a film festival, that's what this place looked like.

Until you got inside.

There behind the doors was what has to be one of California's best kept secrets: an absolutely gorgeous art-deco theatre, not quite as nice as the Egyptian, but in the same league. It was at once beautiful and sad because it was absolutely empty. And it was still empty except for me and Nancy when the show started.

Now, my film was the third one of the evening. The first was a ten-minute short music video, and the second was an hour-long film about sustainable industry. By the time the second film started there was still no one there, which meant that not even the people who made the first two films had bothered to show up to their own screening.

I was starting to get a little worried.

To my great relief, before the second film was half-way through people started to trickle in, and by the time my film started there were a fair number of people there (hard to tell exactly how many because it was dark).

Now, I have seen my own film a zillion times. I know every frame, every note in the soundtrack, every syllable spoken, every helicopter flying overhead (sound was the bane of my existence for two years when I was filming). We have a pretty big screen hi-def TV at home with a fairly decent sound system. But watching my film in a theatre was a completely different experience, not just because of the audience (which despite its small size was still the biggest group of people who had ever seen it at once), but also because there was something about the sound system that brought out details in a way that headphones and our home audio system just never did. I can't put my finger on exactly what it was (reverb maybe?) but whatever it was it made a huge emotional impact on me, and I guess it did on the audience as well because they all laughed at all the funny parts and (as far as I could tell) cried at all the sad parts. And when it was done the applause sounded enthusiastic, not merely polite. It felt great. Made the whole five-year long effort worth it.

Afterwards, the festival host called me on stage (he called me "brother Ron" which was the first time anyone has ever called me that, and I thought that was pretty cool too) and we had some Q&A. There were a lot of questions, and a lot of compliments. (If anyone who attended is reading this, I would really appreciate if you would write up a quick review and send it to me so I can put it up on the web site. Thanks!) It was a really great feeling. I can only imagine how Hillary felt in the same position in the Egyptian with a standing room only crowd.

I have no idea where the film will go from here. I'm very much hoping I'll be able to line up some more screenings. If you saw the film and liked it please tell your friends. If you know a film festival programmer or Jon Feltheimer, tell them :-) I'm not much of a marketeer so my main hope of reaching a broader audience is to have it go viral.

Thanks to everyone who attended last night!

Wednesday, April 13, 2011

Rich people are not the creators of wealth

I was a signatory to the original Patriotic Millionaires campaign back in November, and I recently signed on for round two. It's looking more promising this time. Obama finally seems to have found his spine:


In December, I agreed to extend the tax cuts for the wealthiest Americans because it was the only way I could prevent a tax hike on middle-class Americans. But we cannot afford $1 trillion worth of tax cuts for every millionaire and billionaire in our society. And I refuse to renew them again.


Actually, it's a pretty good speech. Worth reading the whole thing. (I don't think I've ever said that about a political speech before, and it will probably be a long time before I say it again. Sorry about the NYT link. I tried to find the text on the whitehouse.gov site and failed. If anyone from the White House PIO is reading this, if someone like me can't find the text of the president's most recent speech on your site, you have a serious problem.)

Of course, the Republicans were attacking the speech, particularly the part about raising taxes on the rich, before it was even delivered, lending credence to the theory that Republicans don't actually think about what they are saying but just mechanically object to anything the president says or does, even if it's their own idea.

But there's one very dangerous notion that really needs to be squashed: “now it’s time to tax the people who create the wealth.” (That was Michele Bachmann, but you can count on hearing this line from the chorus on Fox News for the next few weeks.) The implication is that 1) rich people create wealth and 2) if you tax them, they'll stop. Both of these ideas are wrong.

Making money and creating wealth are two very different things. You can make money without creating wealth, and you can create wealth without making money. Salman Khan has created vastly more wealth than, say, Angelo Mozilo, but Mozilo made vastly more money. (Mozilo actually made his money by destroying wealth.)

Money and wealth are not completely unrelated, of course, but even when they go together the causality is often backwards from what Republicans tacitly assume. Money is usually the result of creating wealth, not the cause.

"But," you might object, "you need money to create wealth." That's not true. You need capital, but just as money isn't wealth, it isn't capital either. Money can be exchanged for capital (tools, factories, computers) just as it can be exchanged for wealth (food, clothing, shelter, entertainment). But money is distinct from both wealth and capital, and just because someone has money doesn't mean they got it by creating wealth, or will use it to create more. Furthermore, the government has been a very effective creator of capital: Interstate highways. The military-industrial complex (whether you like it or not, it's capital). Much of our medical and aerospace research and higher-education system. The Internet. All created by or with significant help from the government.

The proposition that the rich are the (sole) creators of wealth, and that taxing the rich destroys wealth, is sheer nonsense.

Tuesday, April 12, 2011

Seeking a non-technical co-founder

I'm looking for a non-technical co-founder for a startup I'm working on. Main qualification is good interpersonal skills. Your primary initial responsibility will be sales/bizdev. Prior sales/bizdev experience is a huge plus, as is prior experience in (or at least some passion for) the aviation industry. Being located in the Silicon Valley is a plus but not a requirement. There will be significant travel (mostly domestic at first but possibly international later on) involved, so this is not a good opportunity for someone who wants to spend a lot of time with their family in the short term. You would be employee #1 so there is significant upside potential. If you are interested, drop me a line.

Ron rambles on

So it seems that the Ramblings will continue. Thanks to everyone who responded to my last post. It was a real revelation to learn that there are nearly 300 people subscribed to Rondam Ramblings via RSS. Seriously, who are all you people?

This still leaves me with the problem of deciding what to write about. So for now, here's a video of an A380 clipping the tail of a CRJ-700 at JFK yesterday. If you think you're having a bad day at work, watch this and it will put your troubles in perspective.

Monday, April 11, 2011

To blog or not to blog

I've been writing Rondam Ramblings for nearly eight years now. It started out with no clear purpose, and now eight years on that's still pretty much the case. At various times I've written about science, programming, politics, religion, philosophy, current events, travel, my personal life, and short links to things that seemed cool to me. If I were starting this project today I'd probably be doing it on Facebook, but when I started RR, FB didn't exist (and it didn't open to the public until much later).

Along the way I've picked up thirty-four followers, and a few regular contributors have come and gone (mostly gone). I have no idea who most of you are or why you decided to subscribe, though I'm grateful you did. There is no greater reward for a writer than to be read. But it seems to have been a very long time since I've posted anything here that generated much interest. The last time anything really seemed to resonate was last October (and I don't want to make a blogging career out of taking pot shots at people).

Keeping up a blog is a non-trivial amount of work, and it is becoming less clear that Rondam Ramblings is worth the effort. If you thirty-four people, whoever you are, are still getting something out of this I'm happy to keep it up. But if you've moved on and just not bothered to unsubscribe then I'm going to redirect my efforts to other venues. So if you're still out there please let me know: send me an email, leave a comment, or just click on a reaction box, if for no other reason so I'll know what kinds of things I ought to be posting here, or if it's time to turn the page. Either way, thanks for listening.

Taking ridiculous to a whole 'nuther level

The Ramblings have been quiet because I just got back from a week aboard the MS Allure of the Seas, the world's largest cruise liner. Having seen her up close and personal, I rank her as one of the great achievements of human civilization, right up there with the Egyptian pyramids, the Coliseum, and vanilla soft-serve. She's a quarter million gross tons, carries over six thousand passengers, two thousand crew, and is the only ship in the world (except for her sister ship, the Oasis of the Seas) to have cabins with balconies that don't have a view of the water. It also has a basketball court, two FlowRiders, more restaurants, shops and pools than I can count, and an ice skating rink. She is a fully fledged floating city. In her one may even catch a glimpse of the future of human settlements.

By sheer happenstance, in one of our ports of call (St. Maarten) we docked right next to a little boat called Eclipse, which at 536 feet is at the moment the world's biggest private yacht.

They were in the middle of provisioning her for a trip and so I had a chance to chat briefly with one of the crew. I asked if she was available for charter. The answer: "I'm not allowed to tell you that." I took that as a "no" :-)

Sunday, April 03, 2011

Nuclear power is the safest way to make electricity

In particular, it is vastly safer than coal pretty much any way you slice it.

This article links (though the anchor text is misleading, so the link is hard to find) to a particularly remarkable study of the long-term health effects of Chernobyl, which was so bad that it could almost be considered a "dirty bomb". From the abstract:


Among adult populations, there is no strong evidence to suggest that risk of thyroid cancer, leukaemia, or other malignant disease has increased as a result of the Chernobyl accident.


The article also says that in a study of 120,000 Hiroshima and Nagasaki survivors, some of whom were exposed to the blasts and others who were away at the time, there have been 822 "excess" deaths among the exposed population since 1950, or about 2% of the 42,304 people who have died during the study period.

Yes, the situation in Japan is very serious and very tragic. But can we please stop freaking out about radiation?

Thursday, March 31, 2011

Pioneer Anomaly Solved

The Pioneer anomaly, one of the longest-standing mysteries in physics, has apparently been solved. It seems someone forgot to carry the one :-)

Actually, that's not so far from the truth. The problem with earlier models turned out to be that they didn't take into account the way heat from the spacecraft's plutonium power source reflected off the antenna.

What is most mind boggling to me is that it's actually possible to measure the position of the spacecraft accurately enough to tell the difference.

More hope for the world

Fox News viewership is down 21% with Glenn Beck taking the biggest hit.

Tuesday, March 29, 2011

Tax the Super Rich now or face a revolution

Think 2008 was bad? Paul B. Farrell says that was nothing compared with what lies in store if we don't start taxing the super-rich:


Warning: The Super-Rich Delusion has pushed us to the edge of a great precipice: Remember the Roaring Twenties? The Crash of 1929? Great Depression? Just days before the crash one leading economist, Irving Fisher, predicted that stocks had “reached what looks like a permanently high plateau.”

Yes, he was trapped in the “Great Gatsby Syndrome,” an earlier version of today’s Super-Rich Delusion. It was so blinding in 1929 that the president, Wall Street, all America were sucked in … until the critical mass hit a mysterious flash point, triggering the crash.

Yes, we’re reliving that past — never learn, can’t hear. And oddly it’s not just the GOP’s overreach, the endlessly compromising Obama, too-greedy-to-fail Wall Street banksters, U.S. Chamber of Commerce billionaires and arrogant Forbes 400. America’s entire political, financial and economic psyche is infected, as if our DNA has been rewired.

The Collective American Brain is trapped in this Super-Rich Delusion, replaying the run-up to the ’29 Crash.


Worth reading.

Newt Gingrich joins the raving loon club

Newt is afraid of "a secular atheist country ... dominated by radical Islamists."

Do Republicans stop to think at all about what they are saying, or do they just robotically spout buzzwords? Atheists! Terrorists! Muslims! (Oh My!)

Good grief.

Two more ways Obama is like Bush

I've said before that Obama is becoming increasingly indistinguishable from George Bush in terms of his policies. Add two more data points: Obama has now started his own war in the middle east with an unclear mission and justification, and he has suppressed scientific research:


"The Obama administration has issued a gag order on data over the recent spike of dead dolphins, including many stillborn infants, washing up on Mississippi and Alabama shorelines, and scientists say the restriction undermines the scientific process."

...

One biologist involved with tracking dolphin mortalities for over 20 years and speaking on the condition of anonymity, told Reuters that: “It throws accountability right out the window. We are confused and ... we are angry because they claim they want teamwork, but at the same time they are leaving the marine experts out of the loop completely.”

Some scientists said they have received a personal rebuke from government officials about “speaking out of turn” to the media over attempts at determining the dolphins’ deaths.


Excuse me? Speaking out of turn? What does that even mean? Since when have scientists had to wait their turn to speak to the media? Is this the U.S.A. or the U.S.S.R.? Honestly, it's starting to get a little hard to tell the difference.

Monday, March 28, 2011

The NYT paywall: a digital train wreck in slow motion

I believe in supporting quality independent journalism, so it's painful to watch the digital train wreck that is the New York Times paywall. They've apparently spent $40 million on it, and not only is it badly broken, but it has a fundamental design flaw that makes it trivial to work around.

But that's not the worst problem.

The worst problem is their pricing. It's deceptive, and deeply hidden in their subscription page, which proudly touts 99 cent teaser rates, but hides the actual underlying rates under a tangle of links and redirects. Here are the actual weekly rates for an electronic subscription:

Web + smartphone: $3.75
Web + tablet: $5.00
Web + tablet + smartphone: $8.75

And here are the rates for home delivery, which come with "free all-digital access" (i.e. the third option above):

7 days a week: $7.40
Friday-Sunday: $5.20
Sunday only: $3.75
Monday-Friday: $3.75

How is this pricing model broken? Let me count the ways.

1. There is no web-only option. If I have neither a smartphone nor a tablet I have to pay for one of those services regardless.

2. The cost of Web+tablet+smartphone is the sum of web+smartphone and web+tablet. So if I want all three, I have to pay for web access twice. Unless...

3. The cheapest way to get all three is to subscribe to the Sunday Times. The NYT in effect will pay me $5.00 a week to take a paper copy of the Sunday Times and throw it in the recycling bin.

A more perverse set of incentives is hard to imagine. Like I said, I believe in supporting quality independent journalism. I would happily pay to read the NYT on line if I felt that the price I was being charged is fair. But I just want to read the Times on the web, not my phone, and I don't own a tablet. I don't want to pay $250 a year for the privilege of not having to throw out a three-inch-thick stack of newsprint every week.

And I'm also pretty leery of supporting an organization that can't figure out how to build a freakin' paywall for less than forty million dollars.

Friday, March 25, 2011

The climate wars have begun

The Marshall Islands have fired the first shot in what I predict will eventually become a global conflict: instead of sitting idly by and watching while their country sinks beneath rising sea levels caused by global climate change, the Marshall Islanders have taken the initiative by legalizing cocaine in order to attract tourists and raise hard currency.

Good for them.

Now, I don't want to be misunderstood. I am not advocating the use of cocaine. Cocaine -- especially crack cocaine -- is a horrible scourge. But the fallout from making cocaine and other narcotics illegal is an equally horrible scourge. It does nothing but create a market opportunity for those willing to take the risk of breaking the law, and a barrier to entry for those unwilling to do so. Making cocaine illegal is nothing more than an indirect tax subsidy for drug dealers, one the Marshall Islanders have decided to avail themselves of. And they arguably deserve it:


The Marshall Islands were the site of nuclear testing prior to independence from the United States, and Marshallese claims against the US in regard to the fallout from the atomic testing are ongoing.


Don't buy your plane tickets just yet though. This is almost certainly nothing more than a bluff to try to draw attention to their plight and maybe get a bit of leverage with the international community. But I predict that before long (10-20 years) we'll see other island nations trying similar tactics as the gravity of their situation becomes apparent. It's going to get ugly. Civilization depends on at least the perception of everyone having something to gain by playing by the rules. When your country is sinking beneath the waves that proposition becomes a very tough sell.

Monday, March 21, 2011

It's official!

My movie, But for the Grace of God?, a feature-length documentary about homelessness, is premiering at the Oakland Film Festival on April 15! There's more information and a trailer on the web site. If you live in Northern California I would love to see you there.

I'm not going to write much about the film here (I'm setting up a separate blog for that) so if you want updates please sign up for the mailing list on the film web site or subscribe to my twitter feed (@rongarret).

Sunday, March 20, 2011

An exceptionally good summary of what's going on at the Japanese reactors

In case you were wondering. Bottom line: the reactors worked exactly as they were designed to. These are forty year old reactors, they experienced one of the worst natural disasters in recorded history, and while they have been damaged, there has been no danger to public health. And the most likely long-term danger to the public is that everyone will freak out over nuclear energy, which will hamper efforts to control carbon emissions.

Friday, March 18, 2011

The NBC Nightly News Drinking Game

Want to get smashed in 30 minutes? Then pull up a bottle of tequila and the NBC Nightly News with Brian Williams and take a shot whenever Brian says any of the following words or phrases: "Massive", "As Always" or "Our very own." I guarantee you will not be able to walk a straight line at the end of this exercise.

[UPDATE - 3/23] - I've actually noticed that ever since I posted this, Brian seems to be using these phrases a lot less. I wonder if maybe someone at NBC reads my blog? :-)

Friday, March 11, 2011

What Kind of Sick Culture Blames an 11-Year-Old for Being Gang-Raped?

When I first saw that headline I assumed they were talking about some backwards tribal culture in a Muslim country. But no, this happened (actually, is happening) in Texas. Guess I was wrong about the Muslim part.

Wednesday, March 09, 2011

A bumpy ride through the moral landscape

Sam Harris takes a valiant whack at the dragon (or is it a windmill?) of moral relativism in his new book, "The Moral Landscape." Harris argues that, contrary to Hume, one can derive "ought" from "is", at least to a first-order approximation, by starting with the premise that morality is that which advances the interests of conscious beings.

One of my mentors in graduate school once told me that it is worth paying attention to what smart people have to say even -- perhaps especially -- when they are wrong, because they are usually wrong in interesting ways. "The Moral Landscape" is a perfect example. It's wrong, but it is wrong in a very interesting way.

Let me say up front that I have tremendous sympathy for Harris's agenda. I wish it were true that one could derive "ought" from "is" (and I think it might be possible, but it's much, much harder than Harris -- or any of the new atheists -- seems to recognize). I do accept Harris's premise that maximizing utility for conscious beings is not only a reasonable foundation for such an endeavor, it is the only possible reasonable basis for it.

Unfortunately, between Harris's premises and his (predictable) conclusion that religion is the root of all evil (his Introduction has a section prominently entitled "The Problem of Religion") are a whole host of tacit biases and assumptions that render his reasoning circular. Harris defines the problem of morality as maximizing some utility function with respect to consciousness (which is perfectly fine), but then he goes on to assume without any foundation (and, worse, without being explicit about it) that this quality metric should have certain characteristics. As with erstwhile provers of Euclid's fifth postulate, the assumptions he makes appear intuitively obvious. But if science teaches us anything it is that what is intuitively obvious is often wrong.

Harris's argument runs off the rails almost from the very beginning. This is taken from his introduction:


For my argument ... to hold, I think one need only grant two points: (1) some people have better lives than others, and (2) these differences relate, in some lawful and not entirely arbitrary way, to states of the human brain and to states of the world. To make these premises less abstract, consider two generic lives that lie somewhere near the extremes on this continuum:

The bad life

You are a young widow who has lived her entire life in the midst of civil war. Today, your seven-year-old daughter was raped and dismembered before your eyes. Worse still, the perpetrator was your fourteen-year-old son, who was goaded to this evil at the point of a machete by a press gang of drug-addled soldiers... Since the moment you were born your world has been a theatre of cruelty and violence. You have never learned to read...


I won't quote the whole thing; you get the idea. The good life, on the other hand, I reproduce here in its entirety because the details matter:



The good life

You are married to the most loving, intelligent and charismatic person you have ever met. Both of you have careers that are intellectually stimulating and financially rewarding. For decades, your wealth and social connections have allowed you to devote yourself to activities that bring you immense personal satisfaction. One of your greatest sources of happiness has been to find creative ways to help people who have not had your good fortune in life. In fact, you have just won a billion-dollar grant to benefit children in the developing world. If asked, you would say that you could not imagine how your time on earth could be better spent. Due to a combination of good genes and optimal circumstances, you and your closest friends and family will live very long, healthy lives, untouched by crime, sudden bereavements, and other misfortunes.


Surely it is obvious that the Good Life is preferable to the Bad Life in every way? Well, alas, no it is not. It is certainly preferable from the point of view of an affluent Western academic, which both Harris and I happen to be, so I can certainly understand the appeal. But it is not true that this need be the case for all conscious beings, or even for all rational conscious beings. But Harris dismisses this possibility out of hand:


Anyone who doesn't see that the Good Life is preferable to the Bad Life is unlikely to have anything to contribute to a discussion about human well-being. Must we really argue that beneficence, trust, creativity, etc. enjoyed in the context of prosperous civil society are better than the horrors of civil war endured in a steaming jungle filled with aggressive insects carrying dangerous pathogens?


Well, yes, we must. Hidden in the trees of horrific detail is the forest that makes Harris's Bad Life preferable to his Good Life for many people: the woman in the Bad Life scenario (one wonders if Harris considers being a woman to be a salient characteristic of the Bad Life) has children while the person (notably with gender unspecified) in the Good Life scenario doesn't (or, if s/he does, they don't figure prominently in Harris's reckoning.)

Now, I do not mean to suggest that any rational person would choose the totality of Harris's Bad Life over his Good Life. I merely point out that Harris's quality metric is heavily prejudiced by the fact that he is an affluent Western academic male. Money, in particular, figures very prominently. He mentions it three times. It is particularly noteworthy, I think, that helping the poor unfortunate children in the developing world is done with a billion dollars of other people's money rather than your own.

Let us give Harris the benefit of the doubt and assume that he is simply ignorant of the evidence that providing financial assistance to developing countries does more harm than good and that his heart is actually in the right place. But look at where he puts the emphasis: helping other people is not good because of the benefit it provides to others, but because of the personal satisfaction that it provides to the benefactor. The Good Life is not good because you are good, it is good because you feel good. You are free of pain and want, and on top of that you get to bestow a billion dollars of largesse on some poor unfortunate urchins without compromising your standard of living. That sounds good to me because I am a member of Harris's demographic. But I wonder how it sounds to the urchin.

(If you still doubt this point, let me add just one sentence to Harris's Bad Life: "Because of your suffering, the attention of the world's media has been drawn to the plight of your people, and years after you are dead millions will be living better lives because of your sacrifices." And another to the Good Life: "Unfortunately, though you are blissfully unaware of it, the money you have given out to third world countries has ended up in the pockets of corrupt dictators and the net result is that you have made the lives of millions of people worse, not better." Now which life is the Good Life and which is the Bad Life?)

Again, my point here is not to argue that Harris's Bad Life is superior to his Good Life, only to plant a seed of doubt that the superiority of every aspect of Harris's Good Life is beyond question. Unfortunately, even this small seed of doubt undermines Harris's entire agenda. The problem with applying science to morality is that it requires you to choose a quality metric from a complex space with multiple incommensurate dimensions. Even as simple a premise as, say, all else being equal it is good to minimize physical pain is open to rational doubt: it may well be that a certain amount of physical pain is necessary to psychological well-being (as measured according to some other quality metric). Maybe people who never experience any physical pain end up being so risk-averse that they become dysfunctional cowards. I really enjoy my affluent lifestyle, but I really wonder if I'm going to be up to the challenges that are going to come our way when, say, the planet's reserves of crude oil start to run out. (Or, what ought to be even more frightening, phosphorus.)

The fundamental problem is that "the interests of conscious beings" is not well defined. What exactly are those interests? To exist? To exist free of pain? To exist at some balance of pain and comfort that maximizes some other ineffable quality like "self-fulfillment" (whatever that might mean)?

The ultimate irony is that the reason that the interests of consciousness are not a coherent basis for morality (or anything else for that matter) is precisely because consciousness was created by evolution and not by God. Consciousness exists not because it is the cosmic destiny of the universe, but rather because, like all other complex things, it has survival value -- but not for itself. Consciousness is not an end, it is a means. Consciousness exists because it provides a powerful motivator for an entity afflicted by it to keep itself -- and hence its genes -- alive. Wealth and physical comfort feel like wins because up to a point they increase reproductive fitness. But as soon as it gets to the point where consciousness starts to value things like "self-fulfillment" over having children, trouble begins. The interests of that sort of consciousness are no longer aligned with those of its creator.

This is why Harris's program is almost certainly doomed to fail. Advancing the interests of consciousness will not lead to a planet full of humans singing kumbaya in blissful conscious harmony because that's not what consciousness is for. Consciousness exists to make us care about making sure our children stay alive long enough to have children of their own. Our children. Not someone else's. Of course, the situation is complicated by the fact that the boundaries between "ours" and "theirs" are fluid and can change opportunistically (because that kind of flexibility also has survival value). But there is nothing in the laws of physics that says those lines should be drawn around a single species, or even a single mental attribute like consciousness.

I wish things were different. I really do. I would like nothing more than to be able to preach the Gospel of Sam and so help to bring peace and harmony to the world. But Sam Harris of all people should be able to sympathize with someone like me who has a limited ability to suspend disbelief, so I trust he will forgive me.

Is the Square reader a security hole?

Verifone took a swipe at Square today, saying that the Square credit card reader, which plugs into an iPhone headset port and lets anyone accept credit card payments, is a security hole. Are they right?

Yes and no. Yes, it is possible to use the Square reader to steal credit card information. But no, the Square reader does not make the existing credit card security situation appreciably worse than it already is.

Credit cards are basically 1950's technology, and their security model is fundamentally broken for on-line transactions. Back in the 1950's when credit cards were invented, the security model was that you had to physically present the card to the merchant, who created a physical imprint of the card using a mechanical device. The consumer then signed the imprint. This made the security model essentially the same as that for checks: you had a physical token (the check or the card imprint) and a signature. Perpetrating credit card fraud was about as hard as perpetrating check fraud. You had to produce a physical artifact (a fake check or a fake credit card) and forge a signature. That was a high enough bar that fraud was rare by today's standards.

The descent from the halcyon days of the 1950's to today's chaos happened very gradually. Although finding documentation for this is probably very hard, the first step was almost certainly the result of merchants dealing with mechanical failures in the card imprint machines by writing down the credit card number on the sales slip by hand. Then one day a merchant gets the bright idea that because they can write the number down by hand, they can accept orders over the phone. In the 1960's, magnetic stripes were added to cards, which allowed the entire end-to-end process of processing a credit card transaction to be computerized. This was a big win for efficiency, but in the process it completely eliminated the two features of credit cards that provided security: the physical imprint and the signature. The result, predictably, was a dramatic increase in fraud.

The fundamental problem with credit cards for on-line transactions is that, by definition, an on-line transaction can involve only the exchange of information, not any kind of physical token. But the information that you have to give to a merchant in order to conduct one transaction is the same information that is needed to conduct an arbitrary number of transactions.

The credit card industry has responded to this situation with breathtaking naivete. A number of "security" measures have been added over the years, but they all amount to minor variations on one of two themes: 1) require additional information to conduct a transaction (expiration date, billing address, CVV code), and 2) use computers running sophisticated pattern recognition algorithms to try to detect fraudulent activity. Neither of these measures is even remotely adequate for the task. As long as the information to process a transaction is the same for every transaction it doesn't matter how much of it there is: a fraudster can easily acquire this information (whatever it is) simply by posing as a legitimate merchant, which is trivial to do on the web. And heuristic fraud detection helps, but it will always have both false positives and false negatives. The result is a horrifically inefficient and fraud-prone system. The Square reader does make it slightly easier to perpetrate credit card fraud: now a fraudster can scan the card instead of, say, taking a photo of the front and back. But letting a fraudster copy a card in two seconds instead of six is unlikely to have even a detectable impact on current fraud levels.

The credit card companies could easily solve this problem by deploying smart cards with embedded processors that use cryptographic techniques to produce tokens that are unique to a particular transaction. This would all but eliminate credit card fraud overnight. Why don't they do it? That's a good question. The honest answer is that I don't know, but I strongly suspect that it's because the card companies are not the ones feeling the pain. The cost of fraud is substantial, but it's just fobbed off onto the merchants in the form of ridiculously high transaction fees, chargebacks, and rules that prevent the merchants from passing these costs on to the customers. The merchants are a captive audience because consumers, understandably, insist on paying with cards, blissfully ignorant of the fact that billions of dollars are being silently funneled out of their pockets and into the coffers of fraudsters and banks.
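The per-transaction token idea, as an added sketch that is not from the original post: a card holding a secret key MACs each transaction's merchant, amount and a counter, so the issuer rejects a replayed or altered token. The HMAC-SHA256 scheme, the class names and the sample values are assumptions made for illustration and do not describe any deployed card protocol.

```python
import hashlib
import hmac
import json

def _mac(key, pan, counter, merchant, amount_cents):
    # JSON list encoding keeps field boundaries unambiguous before MACing.
    msg = json.dumps([pan, counter, merchant, amount_cents]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class SmartCard:
    """Hypothetical card: the key stays on the chip, only tokens leave it."""
    def __init__(self, pan, key):
        self.pan, self._key, self._counter = pan, key, 0

    def authorize(self, merchant, amount_cents):
        self._counter += 1  # every token is bound to a fresh counter value
        mac = _mac(self._key, self.pan, self._counter, merchant, amount_cents)
        return {"pan": self.pan, "counter": self._counter,
                "merchant": merchant, "amount_cents": amount_cents, "mac": mac}

class Issuer:
    """Hypothetical issuer: shares the card key, tracks the last counter seen."""
    def __init__(self):
        self._keys, self._last = {}, {}

    def enroll(self, pan, key):
        self._keys[pan], self._last[pan] = key, 0

    def verify(self, tx):
        key = self._keys.get(tx["pan"])
        if key is None:
            return "unknown card"
        expected = _mac(key, tx["pan"], tx["counter"],
                        tx["merchant"], tx["amount_cents"])
        if not hmac.compare_digest(expected, tx["mac"]):
            return "bad token"   # any field changed after the card signed it
        if tx["counter"] <= self._last[tx["pan"]]:
            return "replay"      # a captured token presented a second time
        self._last[tx["pan"]] = tx["counter"]
        return "approved"

def demo():
    key = b"constructed-demo-key"          # constructed sample value
    card, issuer = SmartCard("TEST-PAN-0001", key), Issuer()
    issuer.enroll(card.pan, key)
    tx = card.authorize("coffee-shop", 450)
    first = issuer.verify(tx)
    replay = issuer.verify(tx)             # merchant resubmits the same token
    altered = issuer.verify(dict(tx, merchant="other-shop",
                                 amount_cents=99900, counter=2))
    later = issuer.verify(card.authorize("bookstore", 1999))
    return first, replay, altered, later
```

Unlike a card number, expiration date and CVV, what the merchant sees here is useless for any transaction other than the one the card signed.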

Normally, a situation like this would be ripe for a startup to come in with a better, more efficient disruptive solution. But there is a huge chicken-and-egg problem: merchants won't want to use a new payment system unless consumers are using it, and consumers won't want to use a new payment system until merchants are using it. So at the moment, unless the banks decide to do the Right Thing (don't hold your breath), we're stuck in this local minimum.

Sunday, March 06, 2011

Did NASA discover bacteria in meteorites (again)?

Did they?

No.

Worth reading the second link, if for no other reason than to learn what "pareidolia" means (I didn't know).

Tuesday, March 01, 2011

Pardon me while I pick my jaw up off the floor

The Supreme Court just ruled that corporations do not have a right to privacy. And it was unanimous! My worldview lies in shambles. I would have given you long odds that Roberts, Scalia, Thomas, and Alito would rule in favor of corporations at every possible turn. Maybe there is some hope for the future yet.