Month: September 2011

3/4 Done?

Today is the 273rd day of the year, so at the three-quarters point, here is an update on my resolution progress.

  1. Complete unfinished novel series. The Harry Potter series was finished at the first-quarter update. The Sword of Truth series  was finished at the half update. The Ender series is now done. That is all thirteen books from the original list. At the three-quarter point, I should have 9.75 of 13 books done. With 13 done, I am done.For kicks, I added a dozen more books: the Tales of the Otori, Foundation, and Hitchhiker’s Guide series. Of the new set, I am 4 of 12 (25%) done. Enjoyed the HP, Ender, Foundation, and HGthG books.
  2. Complete the first 25 of the BBC The Big Read Top 100 (from 2003). Pride & Prejudice, Great Expectations, Jane Eyre, Wind in the WillowsCatch-22, Gone With the Wind, Catcher in the Rye, Little WomenCorelli’s Mandolin, and Birdsong are all done. War and Peace and Wuthering Heights are in progress and Rebecca will be only remaining book. I have 10 of 13 done. A quarter ahead is better than the last couple of updates.
  3. Attend more social events when invited. Slipping. I skipped some things.
  4. Goodreads: Read 50 books. At 41 books done, I am just a few ahead of the pace. (I should be at 37.5 done) Feel a little dirty by picking a few books smaller than 200 pages to be get ahead. A boy’s gotta do what a boy’s gotta do to stay ahead.
My reading got a big boost by not having either Internet or cable at home for most of July. Instead of hanging out on Facebook or vegetating in front of the television, I read.

Banned Books Week

Native Son coverI started reading Native Son because it is Banned Books Week (last week of September). The Office for Intellectual Freedom of the American Library Association asked people to read their favorite banned book. I’d rather take a chance on finding a banned book I already have and want to read than go back and read a favorite. Why not use this as a way to move a good book to the read list?

The Restaurant at the End of the Universe, already on my list does not appear to be listed as banned or challenged. The Hitchhiker’s Guide to the Galaxy is on the list of banned or challenged. Oh well. I’m fine with another one.

On Goodreads, I went through various banned books lists and marked the ones I recall reading plus added several to my wish list. Then I went through my “library” and tagged the ones from the banned books lists. Looks like I have read 44 banned books and want to read another 18. Guess I should add another 4 to read ones to improve the symmetry.

Most surprising to me was 14 of the banned books I have read were assigned in school. I thought it would be higher. Some parents objected to a high school assigned book for one teacher. After I graduated, parents objecting to other books caused two of my former teachers to leave when the board did not back them.

TED Talk: Doodlers, unite!

Hm. Maybe no longer doodling in meetings is why they seem hard to remember?

Studies show that sketching and doodling improve our comprehension — and our creative thinking. So why do we still feel embarrassed when we’re caught doodling in a meeting? Sunni Brown says: Doodlers, unite! She makes the case for unlocking your brain via pad and pen.

Link to Sunni Brown: Doodlers, unite! if embedded video below breaks.

TED Talk: After your final status update

The idea of preserving social media after our deaths seems creepy to me. But then I do

“You can imagine what something like this will look like 5, 10, 20 years from now as our technical capabilities improve.” It seems like a ENORMOUS claim that a social media company will last 20 years. Today’s top social media companies were founded in…

  • Facebook: February 2004 (7 years old),
  • Twitter: March 2006 (5 years old),
  • LinkedIn: May 2003 (8 years old),
  • Myspace: August 2003 (8 years old),
  • Ning: October 2005 (6 years old)

The odds of any particular social network existing after a sophomore in high school student today graduates from college is low (chosen because that is about when COPPA starts). This is a fickle market space where users literally vote with their attention. Google is working on their third social network in 6 years. Why would we trust these sites when they seem likely doomed to have limited lifespan? But maybe it is only important to immortalize someone for only a few years?

Introduction from TED site:

Many of us have a social media presence — a virtual personality made up of status updates, tweets and connections, stored in the cloud. Adam Ostrow asks a big question: What happens to that personality after you’ve died? Could it … live on?

Link to Adam Ostrow: After your final status update if embedded video below breaks.

The Cause

Found I develop free software because of CUNY and Blackboard following the Blackboard security issues story. It is a really good blog post. This conclusion made me smile. I am certain there are plenty of people in the system I support who strongly agree. I just wish there was an easier way of finding and applauding them.

As long as our IT departments are dominated by Microsoft-trained technicians and corporate-owned CIOs, perhaps the best way to advance the cause – the cause of justice in the way that student money is spent – is to create viable alternatives to Blackboard and its ilk, alternatives that are free (as in speech) and cheap (as in beer). This, more than anything else, is why I develop free software, the idea that I might play a role in creating the viable alternatives. In the end, it’s not just about Blackboard, of course. The case of Blackboard and CUNY is a particularly problematic example of a broader phenomenon, where vulnerable populations are controlled through proprietary software. Examples abound: Facebook, Apple, Google. (See also my Project Reclaim.) The case of Blackboard and its contracts with public institutions like CUNY is just one instance of these exploitative relationships, but it’s the instance that hits home the most for me, because CUNY is such a part of me, and because the exploitation is, in this case, so severe and so terrible.

The training plan is to make me one of those “Microsoft-trained technicians”. It makes me feel stupider just thinking about it.

Blackboard Security

Interesting articles accusing Blackboard of being lax about security. A Black Eye for Blackboard Over Its Response to Major Security Flaws which is about Millions of student exams, tests and data exposed. I saw the security bulletins, but I was not aware of the back story leading to why it was announced. We run an unaffected product, so I mostly ignored it. After reading the stories a couple times and the security bulletins again, my general read is still: overblown.

Blackboard’s practice is to work with the reporting client to determine the nature of the issue, whether it is being exploited, and test the fix. On the occasion where I was the reporting client, I was asked not to publish information about it as that would allow malicious individuals to exploit it before other clients implemented the fix. As I recall, the time from my reporting it to getting a patch was about a month. Plus, what I reported was pretty specific, Blackboard took that and looked more broadly and fixed everything they found. Then again, I reported a single issue not 16. Also, I tend to report such things to John Porter directly as I trust him to seriously address them. Someone opening a low priority ticket to the Tier I helpdesk, not providing the data Bb requests, or even worse incomprehensible data can get stuck in the Blackhole (where support tickets go to die). Every client needs to read Blackboard’s information on how to report security issues.

A problem with Blackboard only talking to the reporting client(s) is other individuals might already be aware of the exploit. The idea of keeping mum will prevent others from finding out fails to consider Newton invented Calculus at the same time as Gottfried Leibniz. Security by hoping no one else finds out… isn’t secure. Clients not provided ways of detecting whether the exploit is being used cannot report to Blackboard that their systems were compromised.

“We are not aware of any institution’s academic or student data having been compromised in any way by these issues,” Tan said.

In this statement, “any institution” means the clients who discovered this vulnerability not all clients. Blackboard is reassuring that the problem is minor and clients applying the patches quickly will keep it minor. Calling this a zero-day security vulnerability implies attack code is out there available to be used. So attackers potentially have information while defenders do not? Unfair. Epic fail. But only when it leaks to the attackers or they independently figure it out.

More interesting is the vulnerability claims Blackboard considered invalid because they “were due to misconfigured security settings.” So if an administrator sets an incorrect configuration the problem does not exist? For example, an administrator does not set Secure HTTP on the login, so a malicious person in a coffee shop snatches passwords and uses it to alter grades. (Or worse a 9 year-old compromises his teacher’s password.) Yes, it is the administrator’s negligence, but as a partner Blackboard should be helping administrators not be negligent. Keep this in mind: When a Blackboard system is compromised, only Blackboard cares whether it was administrator negligence or Blackboard code.

As a defender, I want all the information I can to protect my users from attackers. Whenever I talk about this with other clients, I hear the same thing. Instead I am left with fear, uncertainty, and doubt. Not that I expect any other vendor to provide me more information than Blackboard. This is why I like the idea of open source.

Smaller Java Cache

One of our campus Blackboard Learning System Vista Enterprise administrators reported to have reduced the number of Java cache related issues (failed sessions) by changing the Disk Space Allotment from the 1,000 MB default down to 100 MB. This is found in the Java Control Panel > General tab > Temporary Internet Files: Settings. I am curious if anyone else has found this to be the case?

The purpose of web browsers having a cache was to speed up use of a web site by not having to download content again. RAM is faster than disk is faster than Internet. (This especially was true in the mid 1990s.) Take a look at this web site. There is the image at the top plus various CSS, and JS files. It looks like there are a good 224 KB in CSS, JS, and their supporting images. Rather than download significant amount of content again, with the appropriate settings a browser will check whether the size changed (assume no changes) or it expired (really that it is stale). If neither are true, then it uses what it already has. This will make my web site load faster for the user. So caching is a very good thing.

Java Plug-in, the client downloading and rendering applets in a web browser, works similarly. It can keep a copy of the applet in a cache. Starting with Java 1.3 there are even parameters placed in the HTML for applet caching. It looks to me like the HTML Creator, really edit-on(R) Pro by RealObjects, JavaScript for instantiating the applet has settings which enable Java to keep it in its cache.

The default cache size of 1,000 MB sounded excessive at first. Do people really reach the point where the whole cached is used? Looking at mine, I have 4 items in Applications from running them on my desktop plus around 2,200 items in Resources. All this takes up only 155 MB. Most of them are tiny files. The largest ones in Resources are from the various Vista  clusters I administrate. Therefore setting this to 100 MB as recommended probably means these getting downloaded more often and waiting on 1MB+ files to download. Glad we have a fast Internet connection at work. Sucks to be the students on DSL who follow this advice and use lots of Java-based applets.

If the Java Plug-in cache was buggy, then I could foresee problems with display of applets. It should download the applet but does not, it should not download the applet but does, the wrong applet is used, a corrupted applet is used. Instead, this seems to be claiming to solve an issue were the web browser lost the session cookie. It seems very unlikely to me that a Java Plug-in could cause a web browser to lose a session cookie much less changing the cache size fix it.

Conditional Thinking

XKCDTech Support Flowchart

My mind made a leap past something blocking it for a while now.

This post, If This, Then That (ifttt): Teaching Conditional Thinking laid the groundwork I needed. The post describes a new simpler version of Yahoo Pipes called ifttt. The idea of both is to take data generated at one or many places and output that data in new interesting ways. An example for how I have used it is creating a single Bbworld feed taking the hashtags in Twitter, a couple dozen blogs, and Flickr tagged photos to produce a single RSS feed to follow. Sooo easier to give out this one than list all the feeds to coworkers or peers at other work places. It then describes this as a useful way to teach conditional thinking.

We have been discussing learning, specifically teaching the skills involved in problem solving: understand the problem, make a guess how to solve, try it, check the efficacy, decide whether solved or keep trying or give up. One idea thrown out was that there was a culture us-vs-them and that our culture made problem solving possible where as another culture did not. Another idea was that in order to problem solve one has to be able to find causes. A third was that someone taught us how to problem solve so someone needs to teach them.

This made me realize problem solving is similar to process flows in that have conditional logic.

  • Case: make a guess how to solve.
  • Exec: try it.
  • Test: check the efficacy.
  • Loop: decide whether solved or keep trying or give up.

The key piece really is someone who writes code reaches a point where letters, numbers, and symbols mean anticipated behavior. They know what it should do to solve the problem. Then when the code does not do it, they use problem-solving to fix it so it will.

So… To solve a problem, I may write code with conditional logic similar to problem-solving with problem solving to make it work. Even when I am writing this blog post, I am thinking about problems with it, how I can improve it, trying different ways to express it, and deciding whether it is okay. Think that seals it: Problem solving is a culture in which we are completely mired. Those trying to participate without thinking this way will have a hard time being relevant. Er… Useful. Er… Helpful.

TED Talk: Hire the hackers!

As a freshman in college, I made… some poor choices involving computers. (As all such stories go there was a girl involved, but I was not interested in her. My friends were. There were plenty of other girls I was interested in tangentially involved though.)

As a result of the poor choices, we were brought before the Assistant to the President for Information Technology. He tells us we violated federal law. But also… When cases like ours come before him, he wished that he could hire the culprits. A few years later he really would hire me for my first professional job. Not having done that really stupid thing might have me in a completely different career. Having this story about coming close to getting expelled over using a computer was the most exciting thing that had happened to me. Okay…. It still is.

Over the years, catching university students breaking the academic code or law with computers brings to mind that conversation. Some of my best work stories are tracking down and interrogating them. I do wish we hired them. I am friends with a few of them via social networks still.

I have previously heard the computer geeks / hackers are more likely to have Asperger syndrome. BBC on Gary McKinnon’s diagnosis.

P.S. Parallel Play: Growing Up with Undiagnosed Asperger’s was an interesting book to read. It solidified my belief I do not have it despite being one of the most relatable books I’ve ever read.

For 9/11

This seemed appropropriate to re-post today, the tenth anniversary of the event which inspired its need. The problems we are to overcome seem more prevalent and prominent today.

This statement was issued by the National Spiritual Assembly of the Baha’is of the United States in December 2001 as a response to the terror attacks of September 11, 2001. It first appeared as a full-page statement in The New York Times on December 21, 2001 and was subsequently reprinted in dozens of other newspapers around the country.

At this time of world turmoil, the United States Baha’i community offers a perspective on the destiny of America as the promoter of world peace.

More than a hundred years ago, Baha’u’llah, the founder of the Baha’i Faith, addressing heads of state, proclaimed that the age of maturity for the entire human race had come. The unity of humankind was now to be established as the foundation of the great peace that would mark the highest stage in humanity’s spiritual and social evolution. Revolutionary and world-shaking changes were therefore inevitable.

The Baha’i writings state:

“The world is moving on. Its events are unfolding ominously and with bewildering rapidity. The whirlwind of its passions is swift and alarmingly violent. The New World is insensibly drawn into its vortex….Dangers, undreamt of and unpredictable, threaten it both from within and from without. Its governments and peoples are being gradually enmeshed in the coils of the world’s recurrent crises and fierce controversies….The world is contracting into a neighborhood. America, willingly or unwillingly, must face and grapple with this new situation. For purposes of national security, let alone any humanitarian motive, she must assume the obligations imposed by this newly created neighborhood. Paradoxical as it may seem, her only hope of extricating herself from the perils gathering around her is to become entangled in that very web of international association which the Hand of an inscrutable Providence is weaving.”

The American nation, Baha’is believe, will evolve through tests and trials to become a land of spiritual distinction and leadership, a champion of justice and unity among all peoples and nations, and a powerful servant of the cause of everlasting peace. This is the peace promised by God in the sacred texts of the world’s religions.

Establishing peace is not simply a matter of signing treaties and protocols; it is a complex task requiring a new level of commitment to resolving issues not customarily associated with the pursuit of peace.

Universal acceptance of the spiritual principle of the oneness of humankind is essential to any successful attempt to establish world peace.

Racism, one of the most baneful and persistent evils, is a major barrier to peace.
The emancipation of women, the achievement of full equality of the sexes, is one of the most important, though less acknowledged, prerequisites of peace.

The inordinate disparity between rich and poor keeps the world in a state of instability, preventing the achievement of peace.

Unbridled nationalism, as distinguished from a sane and legitimate patriotism, must give way to a wider loyalty, to the love of humanity as a whole.

Religious strife, the cause of innumerable wars and conflicts throughout history, is a major obstacle to progress. The challenge facing the world’s religious leaders is to contemplate, with hearts filled with compassion and the desire for truth, the plight of humanity, and to ask themselves whether they cannot, in humility before their God, submerge their theological differences in a great spirit of mutual forbearance that will enable them to work together for the advancement of human understanding and peace.

Baha’is pray, “May this American Democracy be the first nation to establish the foundation of international agreement. May it be the first nation to proclaim the unity of mankind. May it be the first to unfurl the standard of the Most Great Peace.”

During this hour of crisis, we affirm our abiding faith in the destiny of America. We know that the road to its destiny is long, thorny and tortuous, but we are confident that America will emerge from her trials undivided and undefeatable.

The source of the above text of The Destiny of America and the Promise of World Peace.