The #gotofail episode will become a text book example of not just poor attention to detail, but moreover, the importance of disciplined logic, rigor, elegance, and fundamental coding theory.
A still deeper lesson in all this is the fragility of software. Prof Arie van Deursen nicely describes the iOS7 routine as “brittle”. I want to suggest that all software is tragically fragile. It takes just one line of silly code to bring security to its knees. The sheer non-linearity of software — the ability for one line of software anywhere in a hundred million lines to have unbounded impact on the rest of the system — is what separates development from conventional engineering practice. Software doesn’t obey the laws of physics. No non-trivial software can ever be fully tested, and we have gone too far for the software we live with to be comprehensively proof read. We have yet to build the sorts of software tools and best practice and habits that would merit the title “engineering”.
I’d like to close with a philosophical musing that might have appealed to my old mentors at Telectronics. Post-modernists today can rejoice that the real world has come to pivot precariously on pure text. It is weird and wonderful that technicians are arguing about the layout of source code — as if they are poetry critics.
We have come to depend daily on great obscure texts, drafted not by people we can truthfully call “engineers” but by a largely anarchic community we would be better of calling playwrights.
Stephan Wilson, “gotofail and a defence of purists”, Lockstep, 2014-02-26.
November 13, 2016
March 30, 2016
Published on 7 Apr 2015
Bundling refers to when two or more goods are sold together as a package. Microsoft Office, Cable TV, Lexis-Nexis, and Spotify all provide examples of bundling. What if there were no bundling and you had to pay for Cable TV by channel rather than purchasing channels in bundles? Would you end up paying more or less? We explore this question and others in this video.
February 15, 2016
Posted something at the work blog today about these apps that help you do things you previously did with low-tech means, like assembling grocery lists. One of the comments praised a grocery app that gave you turn-by-turn instructions in your store. I never, ever want to hear my phone say “You have arrived at frozen breaded chicken patties.” The idea of people walking through a store, pushing a cart, staring at the screen to see where the coffee is located — as opposed to looking up for the word COFFEE — is the sort of thing from a comedic dystopia. Then: story in the WSJ the other day about someone else starting a service that delivers groceries to your house. The predicate for the business: “no one likes to go grocery shopping.”
I love to go grocery shopping. I went grocery shopping tonight; hit four stores in 90 minutes. Explain to me how it is possible to have an understanding of modern American culture without going to the grocery store. Someone who grocery-shops weekly has a better grasp on our civilization than somoene who spends four years getting a doctorate in Marketing. If they offer such things. I suspect that anyone interested in marketing gets out there and markets as soon as possible, and a doctorate would be useful only for teaching other people about Marketing, which you’ve never done, but studied.
It’s like Journalism school. Saying you understand Journalism because you went to Journalism school is like saying you have a command of the basics of Dentistry because you used a pencil to black out the teeth in a picture of someone’s head.
James Lileks, The Bleat, 2015-01-15.
November 23, 2015
At The Register, Iain Thomson explains a new sneaky way for unscrupulous companies to snag your personal data without your knowledge or consent:
Earlier this week the Center for Democracy and Technology (CDT) warned that an Indian firm called SilverPush has technology that allows adverts to ping inaudible commands to smartphones and tablets.
Now someone has reverse-engineered the code and published it for everyone to check.
SilverPush’s software kit can be baked into apps, and is designed to pick up near-ultrasonic sounds embedded in, say, a TV, radio or web browser advert. These signals, in the range of 18kHz to 19.95kHz, are too high pitched for most humans to hear, but can be decoded by software.
An application that uses SilverPush’s code can pick up these messages from the phone or tablet’s builtin microphone, and be directed to send information such as the handheld’s IMEI number, location, operating system version, and potentially the identity of the owner, to the application’s backend servers.
Imagine sitting in front of the telly with your smartphone nearby. An advert comes on during the show you’re watching, and it has a SilverPush ultrasonic message embedded in it. This is picked up by an app on your mobile, which pings a media network with information about you, and could even display followup ads and links on your handheld.
“This kind of technology is fundamentally surreptitious in that it doesn’t require consent; if it did require it then the number of users would drop,” Joe Hall, chief technologist at CDT told The Register on Thursday. “It lacks the ability to have consumers say that they don’t want this and not be associated by the software.”
Hall pointed out that very few of the applications that include the SilverPush SDK tell users about it, so there was no informed consent. This makes such software technically illegal in Europe and possibly in the US.
November 22, 2015
Published on 30 Dec 2013
A web app that works out how many seconds ago something happened. How hard can coding that be? Tom Scott explains how time twists and turns like a twisty-turny thing. It’s not to be trifled with!
H/T to Jeremy for the link.
November 18, 2015
Eric S. Raymond explains how technical documentation can manage the difficult task of being both demonstrably complete and technically correct and yet totally fail to meet the needs of the real audience:
I was using “hieratic” in a sense like this:
hieratic, adj. Of computer documentation, impenetrable because the author never sees outside his own intimate knowledge of the subject and is therefore unable to identify or meet the expository needs of newcomers. It might as well be written in hieroglyphics.
Hieratic documentation can be all of complete, correct, and nearly useless at the same time. I think we need this word to distinguish subtle disasters like the waf book – or most of the NTP documentation before I got at it – from the more obvious disasters of documentation that is incorrect, incomplete, or poorly written simply considered as expository prose.
November 17, 2015
July 28, 2015
On one occasion, as Master Foo was traveling to a conference with a few of his senior disciples, he was accosted by a hardware designer.
The hardware designer said: “It is rumored that you are a great programmer. How many lines of code do you write per year?”
Master Foo replied with a question: “How many square inches of silicon do you lay out per year?”
“Why…we hardware designers never measure our work in that way,” the man said.
“And why not?” Master Foo inquired.
“If we did so,” the hardware designer replied, “we would be tempted to design chips so large that they cannot be fabricated – and, if they were fabricated, their overwhelming complexity would make it be impossible to generate proper test vectors for them.”
Master Foo smiled, and bowed to the hardware designer.
In that moment, the hardware designer achieved enlightenment.
Eric S. Raymond, “Master Foo and the Hardware Designer”, Armed and Dangerous, 2014-08-26.
June 25, 2015
I was raised as a Methodist and I was a believer until the age of eleven. Then I lost faith and became an annoying atheist for decades. In recent years I’ve come to see religion as a valid user interface to reality. The so-called “truth” of the universe is irrelevant because our tiny brains aren’t equipped to understand it anyway.
Our human understanding of reality is like describing an elephant to a space alien by saying an elephant is grey. That is not nearly enough detail. And you have no way to know if the alien perceives color the same way you do. After enduring your inadequate explanation of the elephant, the alien would understand as much about elephants as humans understand about reality.
In the software world, user interfaces keep human perceptions comfortably away from the underlying reality of zeroes and ones that would be incomprehensible to most of us. And the zeroes and ones keep us away from the underlying reality of the chip architecture. And that begs a further question: What the heck is an electron and why does it do what it does? And so on. We use software, but we don’t truly understand it at any deep level. We only know what the software is doing for us at the moment.
Religion is similar to software, and it doesn’t matter which religion you pick. What matters is that the user interface of religious practice “works” in some sense. The same is true if you are a non-believer and your filter on life is science alone. What matters to you is that your worldview works in some consistent fashion.
Scott Adams, “The User Interface to Reality”, The Scott Adams Blog, 2014-07-15.
June 22, 2015
At Techdirt, Mike Masnick looks at a recent Supreme Court case that asks that very question:
The Obama administration made a really dangerous and ignorant argument to the Supreme Court yesterday, which could have an insanely damaging impact on innovation — and it appears to be because Solicitor General Donald Verrilli (yes, the MPAA’s old top lawyer) is absolutely clueless about some rather basic concepts concerning programming. That the government would file such an ignorant brief with the Supreme Court is profoundly embarrassing. It makes such basic technological and legal errors that it may be the epitome of government malfeasance in a legal issue.
We’ve written a few times about the important copyright question at the heart of the Oracle v. Google case (which started as a side show to the rest of the case): are software APIs covered by copyright. What’s kind of amazing is that the way you think about this issue seems to turn on a simple question: do you actually understand how programming and software work or not? If you don’t understand, then you think it’s obvious that APIs are covered by copyright. If you do understand, you recognize that APIs are more or less a recipe — instructions on how to connect — and thus you recognize how incredibly stupid it would be to claim that’s covered by copyright. Just as stupid as claiming that the layout of a program’s pulldown menus can be covered by copyright.
The judge in the district court, William Alsup, actually learned to code Java to help him better understand the issues. And then wrote such a detailed ruling on the issue that it seemed obvious that he was writing it for the judges who’d be handling the appeal, rather than for the parties in the case.
April 28, 2015
Ever have one of those fever dreams where you’re moving through the terrain of a video game? Want to recreate that experience for some reason? You’ll want to download Doomdream:
Ever play a video game so often that it shows up in your dreams?
That’s the idea behind Doomdream, an interactive experience created by Ian MacLarty to simulate what his own dreams look like after he’s been playing the classic 1993 shooter Doom all day.
Although there are no enemies, no combat or really any plot, it generates a labyrinth of pixelated gray tunnels and bloody stalagmites for you to wander in forever, recreating the nightmare of so many players who got lost in the purgatory of Doom‘s looping levels, searching fruitlessly for an exit sign.
H/T to BoingBoing for the image and story.
March 11, 2015
I’d expect some legal action is pending over this little contracting embarrassment for Undead Labs:
Undead Lab’s State of Decay became a cult hit when it released back in 2013. Last year, the developer announced State of Decay: Year One Survival Edition. This updated iteration packs in previously released DLC along with a 1080p graphical overhaul. And once the visuals became clearer, developer Undead Labs realized their contracted help for the game hid an abundance of phalluses in the game.
While working on State of Decay, Undead Labs hired contractors to help build some of the backgrounds. For reasons unknown, those contractors scattered a collage of genitalia across the backgrounds. However, the original version of the game was a low enough resolution that the naughty bits flew under the testing radar.
“Some of our contractors worked a ridiculous amount of genitalia into the background,” says Geoffrey Card, senior designer at Undead Labs in an interview with XBLA Fans.
H/T to John Ryan for the link.
February 9, 2015
Not all women can code … but neither can all men. Pretending that because all women can’t code means no women can code is an exercise of idiots that is easily dismissed by the very existence of Admiral Grace Hopper, USN:
January 21, 2015
James Lileks takes a nap. It therefore (of course) provides the basis of a “Bleat” posting:
Another item of no surprise to any readers of this site is my enjoyment of, and insistence upon, and devotion to, difficult sentence structures. Also naps. I love naps. Didn’t use to; then we had a child. At first I napped on the floor, thinking it Spartan and manly, but eventually I saw the case for sleeping on a surface that did not leave flat indentations on my skill if I slept for more than 20 minutes. I don’t believe in napping on the sofa, Dagwood style; I don’t believe in napping while reclining in a chair. There’s a reason we sleep in beds. No one ever says “I don’t know how much sleep I’ll get tonight, so maybe I’d better sit in a chair and see how it works.” Bed. The humidifier for white noise. Phone on Airplane Mode. Set the alarm, and see you later.
It’s never occurred to me to study my naps, or chart them, or pick them apart for quality. There are good naps and bad ones. There are short naps that leave you refreshed, and short ones that leave you groggy. Long ones that seem to add a year to your life, and long ones that make you feel as though you emerged from a bog of tar. To be fair, long naps never leave me logy. Short naps can make me feel angry, because they weren’t longer naps.
But. I read a review for an app called Power Nap HQ, and it seemed interesting: it took nap data, based on your movements. You entered how much time you wanted to sleep, set a backup alarm, chose a sequence of sounds, and laid it next to you. It would report back on your movements, indicating the depth of the nap, and it would also record any abrupt sounds you made. Nicely designed, too. A buck. Bought it.
Calibrated the device, set all the options, and pressed the button to start the nap. Laid it next to me.
Got itchy. Dry skin. Scratched a little, and wondered if this would register on the device. This was the signal for my upper lip to report in as “slightly chapped,” requiring more minor motion, and I thought I might be confusing the app, which thinks this is light sleep. Or perhaps it doesn’t take any motion seriously until I’m inert for a long period of time. So I laid still.
Then I thought: now it’s going to think I’m asleep.
This nap wasn’t working out very well. You start to think about napping, napping doesn’t happen. You start to wait for the between-two-worlds moment when you’re aware that you’re having a dream, or are thinking of something you certainly did start but grew out of something you’d already forgotten, then the moment never comes. But the next thing I knew I was awake.
Sort of. Half awake. The alarm had not gone off, so I had not reached the desired quantity of sleep. I was up because my body was done with the noon ration of Diet Lime Coke, and wished to offload it. This I did, wondering how the app would read my absence. It would detect the motion, then the absence of motion, then motion, then – providing I got back to sleep – the absence of motion. I did what a man’s gotta do, then returned to bed to complete the nap. Fell back asleep. No dreams.
Woke, and thought: damn, I beat the alarm. Must be close. If I have one superpower, it is the ability to gauge the passage of time; if I knew what time it was 35 minutes ago, I can tell you what time it is now within a minute or so. This extends to naps: if I wake before the alarm, I usually know what the time will be. I laid there, waking, considering how the rest of the day would play out, then realized that the app would interpret my motionlessness as sleep. THE DATA WOULD BE IMPRECISE.
So I picked up the phone to see how long I’d actually slept.
I had overslept by 40 minutes.
The alarm had not gone off. The backup alarm had not gone off. It had not collected data. Other than that, best dollar I ever spent. Now I can remove it from my phone and sleep without worries.
January 14, 2015
Cory Doctorow explains why David Cameron’s proposals are not just dumb, but doubleplus-dumb:
What David Cameron thinks he’s saying is, “We will command all the software creators we can reach to introduce back-doors into their tools for us.” There are enormous problems with this: there’s no back door that only lets good guys go through it. If your Whatsapp or Google Hangouts has a deliberately introduced flaw in it, then foreign spies, criminals, crooked police (like those who fed sensitive information to the tabloids who were implicated in the hacking scandal — and like the high-level police who secretly worked for organised crime for years), and criminals will eventually discover this vulnerability. They — and not just the security services — will be able to use it to intercept all of our communications. That includes things like the pictures of your kids in your bath that you send to your parents to the trade secrets you send to your co-workers.
But this is just for starters. David Cameron doesn’t understand technology very well, so he doesn’t actually know what he’s asking for.
For David Cameron’s proposal to work, he will need to stop Britons from installing software that comes from software creators who are out of his jurisdiction. The very best in secure communications are already free/open source projects, maintained by thousands of independent programmers around the world. They are widely available, and thanks to things like cryptographic signing, it is possible to download these packages from any server in the world (not just big ones like Github) and verify, with a very high degree of confidence, that the software you’ve downloaded hasn’t been tampered with.
This, then, is what David Cameron is proposing:
* All Britons’ communications must be easy for criminals, voyeurs and foreign spies to intercept
* Any firms within reach of the UK government must be banned from producing secure software
* All major code repositories, such as Github and Sourceforge, must be blocked
* Search engines must not answer queries about web-pages that carry secure software
* Virtually all academic security work in the UK must cease — security research must only take place in proprietary research environments where there is no onus to publish one’s findings, such as industry R&D and the security services
* All packets in and out of the country, and within the country, must be subject to Chinese-style deep-packet inspection and any packets that appear to originate from secure software must be dropped
* Existing walled gardens (like Ios and games consoles) must be ordered to ban their users from installing secure software
* Anyone visiting the country from abroad must have their smartphones held at the border until they leave
* Proprietary operating system vendors (Microsoft and Apple) must be ordered to redesign their operating systems as walled gardens that only allow users to run software from an app store, which will not sell or give secure software to Britons
* Free/open source operating systems — that power the energy, banking, ecommerce, and infrastructure sectors — must be banned outright
David Cameron will say that he doesn’t want to do any of this. He’ll say that he can implement weaker versions of it — say, only blocking some “notorious” sites that carry secure software. But anything less than the programme above will have no material effect on the ability of criminals to carry on perfectly secret conversations that “we cannot read”. If any commodity PC or jailbroken phone can run any of the world’s most popular communications applications, then “bad guys” will just use them. Jailbreaking an OS isn’t hard. Downloading an app isn’t hard. Stopping people from running code they want to run is — and what’s more, it puts the whole nation — individuals and industry — in terrible jeopardy.