Singpolyma

's Profile

Author Archive

Thinking About Aggregators

Posted on

So, I’ve been thinking for awhile about the aggregator experience I want to have for reading my blogs and microblogs. As I’ve increasingly been moving to my own infrastructure for both, my subscription experience has been evolving as well. Right now I have a rather hacky script polling the Twitter and Identi.ca APIs every 2 minutes, putting the content into my WordPress database, and exposing that information over a partial implementation of the Twitter API. I then use a ruby script that polls said Twitter API and sends the messages to me over XMPP (as well as allowing me to post to my self-hosted microblog). I read other feeds using newsbeuter.

This entire setup is a bit suboptimal. Why, for example, is my server polling and then storing content I am subscribed to? Isn’t that normally my aggregator’s job? I’ve realised, that the reason the model has evolved this way elsewhere (such as at status.net) is that in many microblogging services, the service acts as both publisher and aggregator, but this is sort of artificial. My server has no good reason to act as an aggregator, that function is not related to publishing my content.

I thus intend to build a better aggregator infrastructure. My current thought is to build some sort of modular system with data sources and sinks. The primary sources (to start) will be RSS/ATOM feeds and maybe Twitter compatible APIs. On top of this can be built a nice web-feed-reader infrastructure (like Bloglines was), which should support PubSubHubBub for its subscriptions (since it lives on a server asnyway), or an XMPP feed-delivery system (which just connects, delivers the content, and disconnects), or an ncurses or other GUI system for local use.

The system also needs to support replies (via Salmon or Trackback/Pingback) and also cross-posting of said replies (using Twitter-compatible or WordPress-compatible APIs). The public key that goes with the private key the aggregator is using to sign the Salmon slaps needs to be publicly discoverable somewhere (likely at your publishing point), but otherwise the aggregator doesn’t need any kind of public or always-on presence.

Free HTTPS from StartSSL

Posted on

Apparently, some people are still unaware that the can get a TLS/SSL certificate for free from StartCom. StartCom has been providing Class 1 certificates for free for some time now, but they’re certificates were not always widely supported. Having used one of these certificates for my personal site for some time now, I can say with confidence that there are well supported by major browsers and Operating Systems.

Head over to StartSSL Login/Signup and click the “Express Lane” option. The wizard will guide you through creating a new StartSSL account and creating a webserver certificate. You will be asked to give a significant amount of personal information, then asked to verify one of the email addresses associated with your domain name, and finally you will be given the opportunity to have them sign a certificate you have generated (the way to get a CSR is different depending on what webserver you are using or what host you are with, there is good information in the StartSSL FAQ or try Google).

As part of the account creation process a client-side TLS certificate will be generated and stored in your browser or OS keychain. Do not lose this certificate. It is the only way to log into your StartSSL account.

One little gotcha in the way StartCom has chosen to implement their Class 1 CA is that you will not be able to list your main domain as the primary name on the certificate, but will have to list a subdomain. You may list more than one name, and your main domain may be on the certificate, just not as the primary name. I, for example, have www.singpolyma.net as the main name on my certificate, and then have singpolyma.net as a secondary. This is a bit strange, but works fine with most clients (a notable exception being wget).

And that’s about it! Unless you’re on a shared host without a unique IP or host-based TLS support there is no reason for you not to have HTTPS enabled on your personal site.

On Selecting a Spouse

Posted on

I thought I should blog this while the discussion I recently had with Christopher Vollick about the matter.

First, a small disclaimer. I may use words like “spouse” and “marriage” in this post. These words are used for simplicity only and are not intended to indicate a particular legal or religious connotation. You could substitute “life-long helpmate” or “mate” or any word that fits your worldview.

There are a great deal of different models used in the pursuit of spousal selection. I cannot possibly deal with them all, and may not even know about them all, so I will deal here primarily with three idealized models taken from Western Culture.

Modern Common

This is what I choose to call the spousal selection model commonly portrayed in recent Hollywood movies. It is also, unsurprisingly, the most common model in common use in the Western world.

This model consists of selecting a potentially interested party, proposing that said party engage in some sort of social activity, after which the couple quickly becomes formally declared and usually exclusive (“boyfriend/girlfriend”). This process often happens so quickly that, if both parties are more or less interested from the outset, there may be no intervening social activity at all. In all cases the couple transitions very quickly from casual friends (or even total strangers) to a formal romantic relationship.

The couple then engage, at least for some time, in a significant amount of private or semi-private social activity as the primary avenue for relationship building and evaluation.

This model tends to result in people who go through a series of formal, semi-committed, but ultimately disastrous relationships. It also tends towards viewing the relationship as an avenue for two people to evaluate each other, instead of as an avenue for two groups of people (friends and family on both sides) to be slowly evaluated and integrated. This results in weddings where one side may meet close friends or relatives of the other very shortly before the event.

Modern Courting

This model may be unfamiliar to some as it is mostly common among the far right. It claims to be an incarnation of a much older model (discussed next), but is in fact something new and much closer to Modern Common.

This modal is far more formal and legalistic than Modern Common. Instead of having an optional period of socializing between “friend” and “girl/boy friend” this model chooses to force everything to be formally declared up front. Guardians are often consulted, goals set, and rules agreed to. Like much that comes out of the far right this model tends to pride itself on what it does not do. Modern Courting couples often spend little to no time alone, and limit their interactions to a plan.

Modern Courting does emphasize family evaluation more than Modern Common, but only in terms of the context in which it operates. The individuals themselves quite often still do not see this as a primary component of their relationship.

Austin/Dickens Era

This model is the obvious ancestor to Modern Common, but has some very distinct differences. The couple still engage in social activity together in order to evaluate compatibility. The relationship still eventually becomes formalised, and usually exclusive. The couple even, contrary to popular belief, may spend a significant amount of private or semi-private time in relationship building.

The primary differences, are transition and context.

In this model, the transition from casual friend to a formal romantic relationship takes at least as long as the normal transition from stranger to friend. Nothing formal has to happen until the couple is nearing the engagement stage. Before that, the couple is interacting as increasingly good friends in whatever context would be natural for good friends to interact, given their other cultural baggage. This means that, naturally, friends and family who are likely to become a major part of the couple’s future are interacted with and evaluated as part of the social group the relationship is using for context.

This model also gives significantly more wiggle room to pursuit, since a party has not overcommited before an evaluation has taken place, and can exit from the non-relationship gracefully without anyone else being aware of what said party was thinking. Of course, eventually each party’s intentions become easy to discern, but things are not dealt with formally from the outset.

On Arrangement Models

Decently-run “arranged marriage”-based models can work very well. Possibly better than anything else. They cannot, however, be mixed in a society with another prevalent model. If they are, those under the arrangement find the arrangement to be arbitrary as compared with the “freedom” of those around them.

Dystoparx — Part 6

Posted on

Bill is at a meeting. The meeting. Japan and the United States are both very on board with doing whatever it takes to catch major producers of child pornography. There are plenty of issues with sharing the kind of data that they’re talking about, but people at all levels are involved. Both countries have formed small task forces similar to Bill’s, somehow without alerting the media to what they are doing.

Bill takes the heads of these task forces aside into a separate room. He opens up his laptop and shows them the data his team has been pulling together for the last week.

“None of that is admissible in court,” the FBI guy has had the book thrown at him too many times.

Bill is unfazed, “I’m not proposing court measures.”

“You’re aware, I’m sure, of how grossly unethical this sort of data collection is?”

Bill just shakes his head, “Come on, man, I’m talking about taking down child pornography. All the way down. You guys can shoot running criminals, why shouldn’t you be able to comb technically public data to eliminate child abuse?”

The Japanese representative breaks in, “Our people have been thinking along similar lines.”

Bill smiles as the FBI man also nods in agreement. Let the politicians worry about should and ought, these guys worked all the time to protect their citizens from actual evil. The FBI man may talk by-the-book, but every crime fighter feels the need to do what it takes to stop injustices.

Bill, at the very least, is willing.

fakepm: Normal people can’t handle political stress. That’s why I’m so abnormal.
acklas: Someone needs to create a vacation spot where it’s easy to get away from those who are opposed to healthy discussion.
m0rty: I love cookies! Free cookies downtown!
jjdavis: @acklas just stay at home and only visit geeky parts of the Internet
nicnus: @acklas geek monastery?

Jack is back in his apartment in Atlanta. He stares blankly out the window. Without even engaging his brain, his left hand flicks a couple keys and soon some chiptunes are playing quietly from his cheap computer speakers.

He can hear his girlfriend rummaging around in the other room. Staying at home and visiting only the geeky Internet can’t work for him. Some geeks fall in with geek girls, but not Jack. His girlfriend isn’t unreasonable, he wouldn’t be able to deal with that, but sometimes she fails to care about issues he thinks are of vital importance. That may be a part of most relationships, it’s rather hard for him to tell for sure. Probably no matter how bad the political situation in the United States got she would want to stay. Of course, she’s never been outside the country, so it makes sense that she’s not interested in leaving. Still, if he ever has to jump she—

“Hey, babe, have you seen my slippers?” her voice enters the room and disturbs his thoughts.

He thinks for a minute before replying, “You have slippers?”

“Found them!”

Acklas is sitting in the dark. It’s daytime, but that doesn’t keep it from being dark. Curtains were invented for a reason. Acklas is actually between jobs right now. Normally, he works as a consultant, but he doesn’t have any contracts just now. That’s not normally a problem, since he can find an infinite number of things to occupy his time with. Right now, however, he has chosen to occupy his time by sitting in the dark and thinking of nothing.

This is even better sometimes than geeky parts of the Internet. The only person here is himself, and he isn’t really engaging his brain. No one, not even Acklas, can annoy Acklas with a lack of understanding.

Eventually he stirs long enough to notice the LEDs from his computer are putting light out into his space. He grabs a blanket and drapes it over the system. There. Dark.

Bill is much more productively engaged. Now that three teams from three countries are working full-time to gather information from not only legal spyware, but from any source they can find, there is just too much data to go through by hand. That sort of model never made sense in the first place, but now it really doesn’t. Thankfully, their teams are over half made up of IT professionals. These guys are writing lots of little programs they call “scripts” to process the data looking for patterns.

In the process, they are pulling up all kinds of data about people engaged in money laundering, identity theft, and all kinds of suspicious activity. They throw all this data into storage for later. The stuff they’re really interested in is there too. Images and references to child pornography in all its forms showing up in forums, on websites, and in emails. They need to figure out where most of the content is coming from, or where it is being stored. With the amount of data they’re now collecting, privacy laws or no privacy laws, it is only a matter of time before someone finds out a large enough amount of it is correlated in some way.

Of course, as far as the team is concerned, this is all on the up-and-up. Bill and the other two team leaders have seen to it that all the data from every source they could think of to monitor is coming in looking the same as data from MusicBox. It was actually the FBI guy who got all the technical bits going. Bill isn’t sure if the guy is actually technically savvy, or if he let one of his more trustworthy engineers in on it, but either way the data is flowing and the analysis is happening. It’s exactly what has always been needed to solve the problem of the Internet, and maybe, eventually, they can use it to solve other problems as well.

20:03 <nicnus> http://opinion.slashdot.org/story/14/06/24/195123
20:06 <jjdavis> What? What!
20:07 <nicnus> I know.
20:08 <nicnus> I think acklas may have seen this earlier.
20:09 <jjdavis> No wonder he wanted to be alone. This is depressing.
** nicnus le sigh
20:09 <jjdavis> There can’t be many people thinking this way. Can’t be.
20:09 <nicnus> My brother’s girlfriend probably agrees with it.
20:10 <jjdavis> The existence of two crazy people does not prove that we’re screwed.
20:10 <nicnus> Well… someone let him publish it.
20:10 <jjdavis> Man…
** acklas has joined your chat
20:13 <jjdavis> You saw it?
** acklas nods
20:14 <jjdavis> Just wait and see, we’ll have forgotten all about it soon. Luddites are nothing new.
20:15 <nicnus> Militant ones are, at least recently
20:15 <acklas> Well, recently real ones…

Jack sends the link to his girlfriend. Unbelievable.

20:20 <nicnus> Some of the comments are suggesting we take a similar line in reverse.
20:21 <acklas> I’d like that idea if it didn’t make us evil in the process.
20:21 <jjdavis> Peoplereally need to calm down. If this escalates…

Bill is very pleased. The first phase of their media blitz is a complete success. The anarchy of anonymous hackers has taken such offence to their story that they have spread it all over social media. In their efforts to fight the idea, they have spread it to the world. Mainstream media will pick it up tomorrow, and then sympathizers, of which there will be many, will get access to it.

Politicians will get access to it.

Just as the idea is leaving the public consciousness, they will have enough data to make a huge media splash. They won’t have to make the connection themselves, eventually someone else will do it for them. Maybe even one of those hackers they want to take down.

Dystoparx ­— Part 5

Posted on

Our protagonist is at a company meeting in meatspace. The company he works for doesn’t have meetings like this often. While most of the employees are in the region, some are out-of-province or even out-of-country. The company chatroom is usually good enough. Every 180 days or so, however, they get together. The higher bandwidth available when conversing face-to-face allows them to work through many issues rapidly.

Since very little actual coding is done at these meetings, Nicnus gets bored easily. He can get interested in abstract design or discussion about features, but much of the time — too, much in his opinion — is spent discussing little details. He’d rather leave those up to whoever does the work, or at least leave the discussion to what is necessary at that time. Still, this meeting is going well. Patricia, who is the closest thing they have to a boss, is laying out her ideas on the direction they should take the product. A new direction.

Their product, in case you’re interested, is a kind of network hardware. That means it is used to get computers talking to each other. The important feature of their product is that it can use any existing means of connection and automatically configure itself for the situation. They have a component that plugs into phone lines, one that plugs into power lines, one that uses wireless, one for old serial connectors, one that transmits using sound, and really one for anything else you can think of. If a client comes up with a connector they want that the company doesn’t yet make, then usually the company will develop it. The software installed on the devices finds all other devices connected, and gets them all talking to each other. All of this could be done without the product, but it takes more effort.

Patricia wants to bake strong, general-purpose encryption into the product and capitalize on the privacy craze recent events have created with some groups. She also wants devices using the same encryption keys to be able to discover each other in a peer-to-peer way over the Internet. This would provide a push-button solution for worldwide secure communications between members of a small group, such as the company itself.

Of course, her description of this vision does not come out as smoothly as this description. Her coworkers are interrupting her constantly to make little points.

“If each network is locked with only one key, then all someone has to do is steal that one key to break an entire network.”

“How are the devices going to know which other devices on the Internet belong to their network? Won’t we need to manage some central server?”

“Can’t clients already do this by setting up VPNs on their routers?”

While the discussion around these and other questions may not be of interest to many readers, our protagonist is in many cases not without an opinion, and as soon as he is expressing an opinion, he is no longer bored.

Bill is quickly finding that being “in charge” of a small part of the RCMP’s operations actually gives him less freedom than working near the bottom of a private investigative firm. As a large public organisation, one the people ostensibly trust to keep them safe, they are bound by layers of accountability structure. He is in a meeting with his team and several of his superiors now.

“Why? Why can’t we go after this guy?” Bill is waving a paper file.

One of his superiors leans back. Bill has been out of law enforcement for a long time. Perhaps they brought him in a little bit quickly. “I thought you understood how things work. If we go after everyone we’re just wasting our resources. We run things down until we find something significant.”

Bill is furious, “You keep saying that! Every time I bring you a bigger fish you remind me that we only go after big fish.”

One of Bill’s team members pipes up, “Besides, while that policy makes sense for petty situations like drug users, how does it apply here? This is child pornography! There aren’t hordes of these guys, and they’re all very bad, in my opinion.”

Another one of the higher-ups raises his eyebrows, “I’m sorry, your opinion?”

The first higher-up who spoke breaks in before those two can start a serious conflict, “The point, Bill, is that you’ve still only got a man who is likely uploading pornographic images to public websites. You have no evidence that he is producing these images himself, or even that he derives financial gain from it.” Bill starts to reply but doesn’t get the chance, “I realise you’re going to second the argument that there just aren’t many child pornographers, but if the data coming out of your team is any indication, there are more people who could be classified that way by the law than we would like to consider.”

Bill is silent. It’s true. He’d expected that with this kind of data, they could shut down all child pornography in Canada. Unfortunately, a lot of the data was marked as outside of Canada, and it was difficult to tell sometimes if data was being posted by the same person or not. They could send notices to web hosts that their Terms of Service were likely being violated, but so far they hadn’t found a lot of single major sources of the pornography.

“Now, Bill, I realise that this sort of data mining is a bit new. The United States and Japan have both started it as well. Someone is working on setting up a meeting soon with all three countries to see if we can’t share resources a bit. Maybe something will come of that.”

03:00 <acklas> So, your company is building a privacy tool anyone can use?
03:02 <nicnus> … Well, these days there’s a lot of privacy concerns this won’t solve.
03:03 <acklas> Sure… the spyware and stuff. Is there a solution to that, really? Things like MusicBox people are installing on purpose.
03:07 <nicnus> True enough.
03:07 <acklas> It’s suprising to me that they’re catching anyone that way. Wouldn’t people who were breaking the law not leave something activated that they know will get them caught?
03:08 <nicnus> These aren’t the mafia, grifters, or crackers. They don’t have lots of avoiding-the-police experience.
03:10 <acklas> Fair. What about the kiddie porn stuff?
03:11 <nicnus> You’ll note nothing major has come of that yet.
03:20 <acklas> What are you working on?
03:25 <nicnus> I’m reading through the MusicBox spyware protocol “crack” again.
03:25 <acklas> What are you thinking?
03:26 <nicnus> Could maybe write something that blocks MusicBox outgoing data.
03:27 <acklas> Interesting… would many people use it, though?
03:38 <nicnus> Probably not. People just don’t care that much about their privacy 😛
03:55 <nicnus> So… it’s possible, but not easy. Maybe I can make our product automatically “fix” computers that connect to the network 🙂
04:00 <acklas> A “good” virus? Don’t those make zombies? 😉
04:00 <nicnus> heh. MusicBox will probably just update their tracking if too many people block it out.

To: chan4watch@rcmp.gc.ca
From: bill.thompson@rcmp.gc.ca
Subject: Crackdown / Roundup

Listen all,

They won’t let us get anything done until we give them a substantial player. Pull the web browsing history of all identified offenders and search for a pattern. Maybe we can nail an imageboard or file host that these guys are using for their content. We don’t make policy, but we can make a media splash. The guys who **do** make policy are watching the media.

Next week they’re meeting with the FBI and someone from Japan. If they are willing to cooperate, we may be able to trace the international movement of this stuff. Too bad we can’t get the DHS to check internet packets at the border leaving the US, then we wouldn’t have this problem.

— Bill.

Maybe something will break soon. Bill is hoping it does. If the media makes a big deal out of this, maybe the public will be afraid enough that something can really get done. He is beginning to realise that data coming in from people who //know// they’re being spied on is only so useful. If only they weren’t so bound by policy and privacy concerns. After all, which is more important: privacy, or stopping criminals?

Our protagonist is winding down for the evening. Or midmorning. Whatever time it is now. He sets his IM to “away: sleeping” and turns off the monitor. Sometimes all this concern for the public’s interests gives him a headache. All Nicnus wants is to sleep, eat, debate, and hack. Or something like that. If people would care about their own rights, maybe he wouldn’t have to care so much.

That’s not going to happen. Nicnus is quite aware that the average human doesn’t give much thought to issues larger than the security of their homes.

All the lights are off in his house. He opens the fridge and stares into it.

“I’m tired, not hungry,” now he’s talking to himself. Sleep now. Tomorrow will be a work day. Maybe he can bury himself in code and forget for awhile about the outside world.