Archive for the ‘Writing’ Category

A Political Post

Wednesday, November 5th, 2008

Dear California:

I’m ashamed to tears to live in this state. Yesterday, 4.8 million of my neighbors voted against civil rights and equal protection. Proposition 8 was never about homosexuality, or religion, or the traditional marriage ceremony: it was about government adjudication of who can engage in domestic partnership, and the answer of the people is: “Not everyone”. The beliefs of a few about things that don’t affect them have now been turned into laws trampling on the rights of many. Congratulations, California, you just passed a miscegenation law.

To everyone who thinks this is a religious issue, to all Christians who voted yes on Proposition 8 because you interpret Leviticus 18:22 as declaring homosexuality a sin and calling you to take positive action to prevent same-sex couples from being happy in such sin, may I draw your attention to the New Testament: Luke 6:36-37, Colossians 3:13, 2 Corinthians 3:6, Galatians 5:14-15, and Galatians 3:19-28 for starters. You can think homosexuality is a sin, if you want to ignore the new covenant, follow all the laws of Leviticus, and declare putting meat and dairy on the same plate a sin as well, and miss the entire point of Christianity. But even if you do that, don’t you dare condemn other people for what you call a sin. Next time, try listening to what good old JC actually said before you try to do something in his name. Hint: it’s about forgiveness and love, not about legalism.

To all of you Yes on 8 campaigners who claimed this was about protecting the marriage of straight couples from some sort of degradation of society, or about what our children would be taught in schools, or that kids need both a mother and a father or they’ll grow up to be criminals and/or homosexuals, or especially anybody holding one of those signs that said “Prop 8 = less government”, come see me sometime, and I’ll send you to whatever hell you wish. You lied through your teeth to convince otherwise reasonable but tragically uninformed people that Prop 8 was something it wasn’t. I’ve been trying to keep my feelings today mostly in disappointment and not hate: but I really really really don’t like you.

My hopes and whatever feeble prayers I dare offer are with the ACLU, Lambda Legal, and the National Center of Lesbian Rights, who are currently challenging the constitutionality of Prop 8 in the California Supreme Court; and that the Court will do the right thing and protect the rights of all people.

I should be happy with the outcome of the Presidential election. The candidate I supported won, and I think the country sent a message that we’re not happy with the way things have gone. The power of the people is passing to a younger generation and we’re going to make some changes. I should be happy, but today I just can’t be. More than anything else, I’m shocked that this happened here. This is the West Coast, the land of hippies and greenies and crazies of all sorts. If this is what 47.9% of Californians believe, what does that say about the rest of the country? How can the same country elect Barack Obama and ban gay marriage? I just don’t understand.

All right. Back to infrequent natterings about technology.

P.S. Hey, Santa Clara county, where do you think you’re going? You come right back here. Santa Clara County, you screwed up big. 33.7% of you voted against BART. What the hell?! Who voted against BART? You’d better hope there are 5,000 more uncounted absentee votes for Measure B hiding somewhere. If B finally fails when every vote is in, I will find all of you and I will beat your ass back into the real world where we need BART in the South Bay so bad it hurts.

Full disclosure on my political & religious positions: I’m an atheist who sees a lot of value in the best teachings of Christianity and all religions; the teachings that nobody can always follow because it’s actually difficult to be a good person. I have strong respect for civil liberties and the rights of individuals. I’m a bit left on welfare issues. On the other hand, I don’t trust the free market as we know it today. I’d love to, but it proves itself time and again to be a terrible servant of the public good.

Digression about Corporate Names

Sunday, October 19th, 2008

My bike was manufactured by Kawasaki Heavy Industries.

I’ve always loved that name: Heavy Industries. Mitsubishi uses it too. Calls forth images of smelters and arc-welding and great banging puncher and stamper machines on conveyor belts, the kind the heroes of a sci-fi movie have to duck through with precise timing. The modern-day blacksmith. Dimly lit cavernous factory buildings with much steam in the air. Dungeonesque. Steel and iron and axle grease. Beautiful.

There’s a new media art group from South Korea that make Flash animations of rapidly displayed words set in time with jazz music. They’re short stories or spoken-word pieces, but read instead of heard. They call themselves Young-Hae Chang Heavy Industries, turning the name on its head, because of course all they manufacture is fundamentally just bits and pixels. Not everything on their site is safe for work.

The computer security group L0pht Heavy Industries is quite well known.

On the other hand, Kawasaki Heavy Industries makes motorcycles, ATVs, and jetskis. At first those seem like only the smallest of motor vehicles. They don’t make automobiles or trucks. The impression that gives me is that Kawasaki’s Industries aren’t as Heavy as, say, Ford. So there’s a sort of irony that I project into the name.

Of course, they actually do make large things. They build aircraft, helicopters, rolling stock (including the Shinkansen), ships, construction equipment, and energy plants. Plenty of stuff worthy of the name Heavy Industries. We don’t see much of that on this side of the Pacific, so it’s a false impression to many (American?) consumers that all Kawasaki makes is small motor vehicles.

Just some rambling, taken mostly from an email to my dad. I haven’t posted anything worthwhile here on the blog for a while, and I guess this was my desire to write popping up somewhere else.

Cars (other peoples’ and mine)

Friday, June 13th, 2008

I work in downtown La Jolla, right opposite the Ferrari/Maserati dealership. AMGs, M-series, and Porsche Ses are everyday sights. Jaguars are like Toyotas. I’m tired of seeing expensive cars. But sometimes there’s something a bit more interesting than usual…

One day on the way to work I saw someone picked up in front of a particularly large house by a chauffeured Maybach. In the words of James L. (wherever you are), “Must be nice…”

Ford GT in downtown La Jolla A few weeks ago I saw a Ford GT in downtown La Jolla. Really, with gas prices up to $5/gallon, you’re driving one of these? You and Jeremy Clarkson both.


BMW Z4 with German plate \"BMW Z4\" The US Open is in town this week, at Torrey Pines. It’s practically across the street from campus. There are a lot more interesting cars here this week—somehow the AMGs and M-series are even more abundant than usual. I found this BMW Z4 with the German plate “BMW Z4″ nestled behind CVS. An odd place to park what I assume is BMW’s touring show car. As I drove out of the parking lot, I saw a brand new SL63 AMG and a DB9 Vantage.

I don’t say any of this out of envy, merely commentary. I don’t particularly want any of these cars.1 In fact, I still haven’t figured out what kind of car is right for me. Fast or a smooth ride? Four-door? Hatchback? FWD, RWD? Manual or auto? Low-slung or tall and roomy? I have only the vaguest of preferences.

My Car For now I drive my dad’s trusty old Volvo S70 T5. I say “old” because the car is well on its way to 200,000 miles, but she’s only ten years old, and she looks and feels like a young girl of only 60K.2 It’s zippy enough that I can have fun on late night jaunts to campus or wherever; but it’s a Volvo, so it’s comfortable enough that I don’t really mind the six-hour nonstop service from SAN to SBP for holidays and vacations. Plus it has five cylinders, which is just neat. It’s my car and I love it.

Then again, with gas going up and up, these may be the last days of the automobile. Maybe I was born in the wrong decade? Ah well. Bring on the public transit and high-speed rail.

  1. Except maybe a Z4M.
  2. You may note I use the female pronouns here. For some reason I never think of my car as a female, even though that’s the convention for vessels. But the turn of phrase was so nice, I couldn’t pass it up.

A Reply to DJ on Drivers

Tuesday, October 16th, 2007

DJ laments there are no practical guides to driver writing.

DJ, allow me, as I so often do, to vocally disagree with you :). You seem to be making two closely related claims:

  1. There’s no information in OS textbooks on how to structure a driver to fit into any given operating system’s driver architecture
  2. There’s no information in OS textbooks on how drivers ought to interact with their hardware to make useful stuff happen

1. General operating systems textbooks are not the place to find this information, because if they were they wouldn’t be general operating systems textbooks.

Depth and breadth are usually a trade-off in books. If a book were so thorough and detailed in its treatment of Linux drivers that you could use it as your sole reference while writing one, it could not possibly do the same justice to drivers for Solaris, Free/Net/OpenBSD, AIX, Mac OS X/IOKit, Win32, WinNT, Vista, or any other operating system, and it surely can’t cover things like process scheduling, networking, virtual memory, filesystems, or any of those other things kernels sometimes do. The reason you read an operating systems book is to get a (necessarily) broad coverage of what all operating systems do.

If you want to get specific enough to one kernel and one subsystem that you can actually use it as a reference to build a driver, you probably want to put Modern Operating Systems back on the shelf and try Linux Device Drivers, a book focused on exactly what you see as lacking in general operating systems books.

Taking a mild divergence to head off a counterargument, it’s completely acceptable for the usual OS curriculum to exclude drivers, while including many other parts of operating systems, say, basics of concurrency. The difference in curriculum reflects the likelihood the average student will encounter the material during his career. The average programmer has very high odds of using concurrent systems sometime in his career, even more so today with the advent of multicore systems. Any more than the most basic concurrent programming (paranoid locks everywhere) involves some knowledge of what the OS is doing. In contrast, the average programmer will never be anywhere near driver code. Those who do write or maintain drivers take onto themselves responsibility to further research the field, the same way we expect those working with highly parallel systems to study a bit more than locks and semaphores.

2. I’m willing to accept that there’s little information available on actually driving hardware, but that’s because the information you’re looking for is very narrowly applicable, proprietary, distributed across the whole field, in rapid flux, and/or lacks any common principles or organization. Difficult to put that into a textbook with a ten- or twenty-year lifespan.

There’s so little information generally available about how to drive hardware because it’s intensely device-dependent. Once you get to the IO port level everything ends up pretty specific to the particular chip you’re talking to. Sure, ATA’s standard, so it’s not hard to drive a hard disk. But how about the ATA controller chip? How do you ask it to send a command and get the result? Not so standard.

The impression I get from the field (see disclaimer below) is that everybody kinda builds the hw/sw interface to be as simple as possible for the firmware and hardware guys to build. This varies fairly widely with different guys and different organizational knowledge. Firmware and hardware are extremely expensive and difficult to build correctly, and anything that can be simplified should be; anything that can be offloaded to (testable, debuggable, patchable) software should be. When everyone builds their hardware the way easiest for themselves and their organization and offloads everything else to software, everybody’s hardware will look completely different and will have completely different expectations of the driver’s role. Consequently, everybody’s drivers will look completely different.

A secondary reason for lack of standardization is that until recently most first-party drivers for mass-market hardware were closed-source. When your competitors’ specs are closed to you and your own spec is closed to them, standardization is just not possible. This is changing, though, and we’ll see what happens. There have also been notable exceptions, when an entire industry segment decided to stop being dumb and standardize. EHCI stands out as a shining example. (IDE/ATA/SATA as standard disk access might qualify, though they have their origins in ancient disk protocols defined by the operating system, not the disk vendor, and any disk had to meet that protocol or you couldn’t use it. Standardization was imposed by the OS, not agreed upon by the vendors)

In such an environment, OS books can’t really get any more specific than “Here’s how you read from or write to an I/O port” for the same reason they can’t really get any more specific than “Here’s how you read or write to a network socket”. To tell you how to use, say, FTP, is to tie themselves to today’s practice and take up paper and author’s time that could be better devoted to general principles of networking. They probably ought to describe PIO and DMA, for the same reason they describe IP and TCP. But the OS books are and should be mute on how to drive the hardware. Those rules are different between every chipmaker and every chip, and change every year and every rev. They belong in datasheets and reference manuals, not general textbooks.

Conclusion

For now, every operating system has a different driver architecture, so a general operating systems textbook can’t and shouldn’t devote too much attention to any given system. Furthermore, every piece of hardware has a different host interface, so a general operating systems textbook can’t and a driver reference book sometimes shouldn’t devote too much attention to any given piece of hardware.

The way to change this is for different kernels to agree on a driver architecture, or for different hardware makers to agree on a host interface. The first is not likely to change anytime soon; Linus is not about to chuck the bottom quarter of 2.6, Apple’s kernel team hasn’t shown signs of life lately, Sun still hates everyone, and Microsoft is still dumb.

What is changing is that host interfaces are standardizing. USB was a great leap forward in this regard. Other than the UHCI/OHCI misstep, EHCI means anybody’s host adapter works the same as any others, and device classes mean anybody’s device works the same as nay others. No more does every serial and parallel widget in the store need its own driver. Disk interfaces have long been standardized (out of necessity). I thought Ethernet NICs have a broadly-supported standard, but I can’t track it down.

Disclaimer: I’m very new to hardware design, I’ve never written a driver, and I’ve only been through the first-level undergrad operating systems course. I calls ‘em as I sees ‘em, but I may not see ‘em very well from where I stand. I welcome discussion.

On the HD-DVD key flap

Sunday, May 6th, 2007

Today, Kyle said to me:

So, you know that whole hd dvd key thing? Everyone and their grandmother knows it now, or knows where to find it. But I don’t think anyone knows what the heck to do with it.

Why did the HD-DVD key become such an issue?

Content providers: Takedown letters are not the way to stop piracy. Still less are they the way to squelch people with an agenda.

Bloggers, Diggers, etc: Copying and pasting a couple dozen bytes does not equate to taking to the streets in glorious revolution. The key’s been public for months. Those who needed it to do business (software developers and pirates) had it long ago.

Forgive me if I sound reactionary. I’m on the bloggers’ side on the whole. Certainly I’m no friend to the MPAA and RIAA. I just thought we’d been through all of this back in 2002 when DVD-Jon went to trial. It’s the same DMCA, same technology (video DRM), same fair use and anticircumvention issues. Of course, none of these issues actually came up in Johansen’s trial; they were just discussed to death on the net. I’m annoyed that this all came back a few days ago, but glad everybody shut up at the end of the day.

TMBO had a photo (sorry, no link) of a guy who tattooed the key to his chest. He’s going to feel really silly next year when nobody remembers or cares anymore, and even sillier in five when the next-next-gen formats arrive with the same folks backing them.

(I hope he feels silly already because back when we had the export restrictions fifteen years ago people did the same with strong crypto algorithms.)

Today in Watching Good Things Die news…

Friday, March 30th, 2007

Speakeasy, the last insanely great national ISP, just got bought out by Best Buy.

Speakeasy is known in the community for giving the speeds they promise, not throttling on the last mile nor unreasonably overselling their middle mile, for not blocking any inbound or outbound traffic, and encouraging users to run personal and game servers. These are things no other ISP really does. We’d be with them today, on 6×768 DSL, if we were closer to our CO. I can personally attest to their excellent customer support: the couple of problems I had were both resolved in a ten minute phone call to actual employees (not call centers). Not bad for a company of only 300 people.

And now they’ve been bought out by Best Buy for barely a year’s revenue.

At least it’s the Best Buy business division. That means we won’t have salesdrones pressing DSL on top of service agreements. And business-facing people seem to have their stuff together, on the whole. So I’m not completely without hope. I guess we’ll know in a year or so if Best Buy nukes the management.

Beginning of the year big ups

Tuesday, January 2nd, 2007

Shoutouts to (in no particular order):

Paul, Ava, Ben, Kelsey, Rushi, Sheenika, Jonathan, Dan, Chris, Mooneer, Stephi, Hanna, Scott, Danny, David, Nik, Jess, Brad, Bethany, D.J., Sheree, Aaron, Lily, Eric G, Auston, Mark “The Knife” “The River” Gahagan, Meg, Chi, Amrit, Tam, Amado, Rego, James, Kim, Amy, Proud, Sharon, Christine, Michael, Melissa, Christie, Eric B-D, Billy, Cody, Dylan, Brandon, Iron Jeff, The Swede, Ryan, Cano, KG, Gabe, Cha-cha, Mary (my other mother), Bilow, Flo (“zis country would be so much betteir if it weir cohvered wis a meeteir of snow!”), Kris, Amanda, Lizzie, Rose, Brigette, Kerry, Marla, Kristjiana, Iain, Mike, Van, everyone else from HS, John and Elaine, Brian, Chris, Ted, Danny, everyone else from UCSD, Bill Clabby, Jeanette Ibarra, Professors Chu, Ord, Tullsen, Sato, Ito, Pineda, and Rhodes, Gabriele, Pat, Matsumiya-sensei (wherever you are), the Big Domy (you know who the Big Domy is), and of course Teresa, Rick, Amy, and Jessie. If, somehow, I forgot you, you know you’re on there too.

Further corporate propers to:

Apple Core OS team, 2 Dogs Coffee (Morro Bay), Eventful, Fern Canyon Press (and all their endeavours), Microsoft Xbox 360 team (all right, ya done good), Nintendo, Xilinx (I hate your software but I love your hardware), most of UCSD, Google, all the backbone network operators, OmniGroup, Matz, _why, and the Ruby core team, Linux kernel developers, Red Hat/Fedora, every single man woman and child who has contributed to Debian, NoMachine, irssi.org, Freenode, GNU Project, SureFire, Streamlight, Wes Hinkle’s San Diego Volvo (Service department), and of course Apple circa 1976, for the dream and the spirit.

All of these people touched me in 2006, almost universally for the better, and made my life what it was. I look forward seeing you all in 2007.

The terminology of compatibility

Tuesday, September 12th, 2006

My previous post pointed out to me a failing of terminology to describe compatibility. To paraphrase FOLDOC:

  • Backward/downward compatibility means playing DVD discs in Blu-Ray players. It is a property of the new system.
  • Forward/upward compatibility means DVD players were originally designed to play Blu-Ray discs with some level of degradation. It is a property of the old system. (This is not true, of course. DVD players have no idea what a Blu-Ray disc is and will spit it right out. The physical layer wasn’t designed to be gracefully forward compatible.)

I’m looking for a term that means that Blu-Ray discs were designed to be played in DVD players. It’s a property of the new system; the new system was built to work with the old system, the old system never had a clue about the new system.

A Response To Dave Piscitello

Tuesday, August 1st, 2006

Via Bruce Schneier’s blog. Read it first.

When you reduce “admissibility” to a more simple and general form, it becomes the question “What happens to the data after it changes hands from the provider to the user?”. At some point, the handoff must occur, and beyond that point the server can have no knowledge or influence on the data’s further disposition. A few technologies, such as end-to-end encryption (SSL, etc) can help move the handoff to the client endpoint’s network stack, but at some point the data is decrypted, and it becomes accessible to the user’s code and eyeballs. This is the intention of a good secure system — to give the right data to the right users.

With that, necessarily, is the risk that other code and eyeballs will steal that data from the intended recipient – and that is a completely separate security problem that can only be solved on the client side. The parameters of the problem are the same “Four As” (or “CIA”) we already know. The security of the entire system scales like a fractal, to smaller and smaller scopes, until at last we have CRT to eyeball and fingers to keyboard (which leaves the realm of computer security and becomes an old-fashioned physical security problem) ((I’m not trying to minimize the value of physical security; if anything, it’s a lot harder than computer security. It’s merely a different kind of problem, and a different set of people need to work on it once it reaches that level.))

The security of the client is a problem; but it is neither the server’s problem nor a problem the server can solve at all. A server can never have any assurance whatsoever that its client is not vulnerable to attack. There are two ways for the server to obtain an answer to that question: the server can invasively investigate the client, or the client can claim to the server that it is secure. If the server invasively investigates the client, it can be tricked into investigating a clean-looking virtual machine. If the client claims it is secure, or rather, that some sort of configuration-management software running on the client claims the client is secure, that response can be spoofed by an attacker, or the configuration-management software can be compromised.

If this whole server-trusting-the-client’s-configuration sounds vaguely familiar, it’s exactly the same problem that ruins identd: the trust isn’t placed in identd, the trust is placed on the sysadmin of the remote machine. But how do you know to trust them? How do you know their machine is not lying and has not been hijacked? You cannot, and that is why identd is not a usable authentication system. ((So why do most IRC networks still require it, or make you wait thirty seconds until the request times out?))

Ultimately, the admissibility question reduces to “What are you going to do with this data after I give it to you?” This is not a new question, nor is it an easy one to ask and answer. Some of its unhappier answers include users taking laptops home after work where they can be burgled, or users deliberately giving or selling data to third parties. These are all completely outside the design of the security system. ((This problem of “what are you going to do with the data, now that you have it?” applies at all levels, including within the server as requests are processed, an area I think may be overlooked too often. This is the level at which you ask questions like “Do I trust that this data will not be snooped out of the kernel’s networking stack, before it’s sent out the ethernet port?”—don’t laugh, it’s happened!))

Until the day when data itself grows teeth and can defend itself against misuse, we have to carefully limit who we authorize, do our best to teach how to secure their own environments, and finally, trust those authorized users and their environments. That’s the way we do things now, and it’s not always a very fun way (especially that second part), but it’s the only way.

I hope somebody’s working on that teeth thing, though.

A final word: One-time passwords and time-based credentials (Opie, SecurID…), properly implemented, can make all forms of sniffing a LOT less profitable. The first credit card company that uses rotating card numbers based on a SecurID-style token is going to get my business. Alternatively, I’ve heard some European banks give customers scratch-and-sniff cards with a few dozen one-transaction authorization codes. That’s a nice low-tech solution that’s just as good at the end of the day.

Suppose that people live forever.

Friday, April 28th, 2006

On the SAT test, nigh on two years ago, I had to read and answer questions about a lovely little essay on the subject of immortality. It fascinated me, and when I got home after the test, I tracked it down. It was an op-ed piece in The New York Times, entitled “A Brief Version of Time” written by Alan Lightman in 1993.

Inspired by Jess’s latest blog entry, I dug it up again. The only clean copy I could find was in Google’s cache of an old mailing list archive that has been taken down. I <3 the internet. (There is, of course, a perfectly good copy in Nexis somewhere, and since I’m on campus I have access to it, but Nexis is scary and I don’t know how to use it. I know, I’m terrible. I should go to one of the “How to do research that doesn’t start at Google and end at Wikipedia” workshops at the Library.)

Here it is, for all the world to read again, until the Times finds me.

A Brief Version of Time, by Alan Lightman.