Category Archives: Uncategorized

Happy Birthday HTTPD

I gather that the Apache HTTPD server project was born in March of 1995, i.e. 20 years old today.  Noting that April 15th when ones taxes are due in the US it 66

My first contribution was 1997, and I was deeply involved in that, and then other questions of open source, standards, etc. etc. for about a decade.

Very interesting years, yup.

I’m surprised that my second posting to the dev list mentions typing injuries.  I thought that happened after I got involved, but apparently it was before.  That change the arc of my life a lot more than HTTPD.

As one of my Internet friends has been known to point out nostalgia is a very dangerous emotion, so I’ll stop there.

 

Things I’m Liking

  • 200 years ago Tambora blew up –> world wide climate emergency.  You can worry about that too.
  • Forcing the unemployed to take jobs as fast as possible has long term negative consequences on GDP because they suck at the jobs they end up taking?
  • Interestingly cheerful take on how capitalism’s long term and intimate relationship with criminals is really a wonderful thing.  Extra points to Bloomberg for having Mr. Cook pen that.
  • Tis ironic that a good place to read up on modern trolling technology is the US propaganda organization Radio Free Europe’s series on the Russian Troll Army.  A serious sociologist should write a book on these techniques – he’s get a lot of buzz and high paid consulting work!

Crime Registry

I’ve occasionally wondered if the sex offender registry might lead to some sort of flocking behavior where those on the registry tend to gather in particular locations.  I’ve even looked for, but not found the heat map showing where they flock too.  Yeah Google, I thought you were all seeing?

Similarly I’ve wondered if we will seem other scarlet letter offender registries?

So it is with much delight that I learn that Utah is close to creating a registry for white collar criminals.  Apparently Utah has a lot of affinity fraud.

Gosh if they set one of these up in New York state I can visualize the what the heat map of Manhattan would look like.

High-Involvement Style

I’m currently enjoying Deborah Tannen’s book on Conversational Style.  Here is her summary of that might be called New Yorker style.  Sometime’s it’s called fast talking,   People unpracticed in this style often find in exausting or obnoxious.   She calls it “HIgh-Involvement Style.”

1. Topic

  • (a) prefer personal topics,
  • (b) shift topics abruptly,
  • (c) introduce topics without hesitance,
  • (d) persistence (if a new topic is not picked up by others, reintroduce it. Data show persistence up to a maximum of seven tries).

2. Genre

  • (a) tell more stories,
  • (b) tell stories in rounds, in which (i) internal evaluation (Labov, 1972) is preferred over external (i.e., demonstrate the point of the story rather than lexicaling it), (ii) omit abstract (Labov, 1972) (i.e. plunge right in without introduction; cohesion is established by juxtaposition and theme);
  • (c) preferred point of a story is the emotional experience of the teller.

3. Pace

  • (a) faster rate of speech
  • (b) pauses avoided (silence has a negative value; it is taken as evidence of lack of rapport-Tannen, 1984);
  • (c) faster rate of turn taking,
  • (d) cooperative overlap (the notion of back-channel responses [Duncan 1974] is extended to include lengthy questions and echoes, resulting from a process of participatory listenership).

4. Expressive paralinguistics

  • (a) expressive phonology,
  • (b) pitch and amplitude shifts,
  • (c) marked voice quality,
  • (d) strategic pauses

Lightning

I’m a bit of crank about the right answer to the question: “What has improved the quality of life the most for humans?”  Since pretty clearly the answer is Public Health.

Here’s a nice example of one of the many stories of that kind:  A Striking Change in Lightning Deaths.

I wonder if there is an estimate of how many lives the slogan: “”when thunder roars, go indoors” saved?

Listeners on Private Ports – race condition edition

Ha!  I have here a service X that is listens for it’s clients on private port N.  It failed to start because another activity Z was using N.  Looking at the state of things it’s clear that Z got N randomly assigned when it established a connection to a service on another machine.

This is the kind of bug you discover only if you get a short debug loop around what is typically a rare activity – rebooting the server in this case.  Gosh the chances of this happening are small.

I have been parking my private listeners in the private port range (49152 to 65535) for almost 40 years.  Maybe, I need to stop doing that.  Or at least assure that all listeners get started before any other activities start using the net – yeah right.

But now I’m confused.  I see that there is a concept of “ephemeral ports,” but the Wikipedia article leaves one with the impression that in practice you don’t know what range they are being drawn from.

So now I’m a bit confused what best practice might be.  Advocates of resource discovery score a few more points?

Frequency-hopping a server’s port

Here’s one of those ideas you have when you are not sleeping: why don’t we use frequency hopping to make it hard for attackers to find listeners to attack?

In scenarios where you want to keep the port number a secret,  you could randomly vary it’s location.  You could use TOPT, so both sides can rendezvous.  Seems this wouldn’t be that hard to add to ssh.  The sshd_config file might look something like this:

# Enable dynamic port listening, and the TOPT secret
Port dynamic 6000 16000
PortSecret 12345678901234567890

And the user’s ~/.ssh/config file would then have something like this in it

Host crazy.example.com
   Port dynamic
   PortSecret 12345678901234567890

You could let the PortSecret default to something derived from host key.

A Good Day

A few misc. items…

Happiness & Economics … What a wonderfully weird chart this is.  It’s weird in two ways.  First off what the heck is going on in the US?  Secondly this is basically the inverse of the chart of happiness v.s. income.

Programming languages – There is a very nice dialect of Lisp build on top of the Python ecology.   Sort of analogous to the way clozure is built on top of the Java ecology.  It’s called hy. Very smooth interoperability with Python, across many Python implementations.  For example you can casually load libraries written in hy into python code and visa versa.  Macros, backquote, real lambdas, everything is value returning, etc.  Surprisingly it even works pretty well with the Python debugger, such as it is.

Pricing games – As an collector of amusing pricing games this article that attempts to puzzle out the details of MTA ticket pricing is fun.

Programming – I wish I could find a standard tool that would let me make a compressed archive and then insert a descriptive header of unpredictable size at the front of it.  Something suitable for when you are building an archive by streaming and after the fact you want to prepend the cataloging metadata.  I guess I’m just a bit surprised that this use case isn’t so common that we don’t have a widely used tool that supports it.

Current events – NYPD?  What a bunch of babies!

Tourist Info:  The Brooklyn Art Museum is amazing.

Optical character recognition for PDF files.

Pypdfocr is very nice.   The input is a PDF file, for example the output of scanner.  The output is another PDF, which looks like the original but now has the words recognized in it.  That lets you can search it, and if you index all your documents then that’s very useful.  Spotlight on my Mac sees into these.

You can extract the raw text using pdftotxt, which is nice for reading on the train.

I was delighted the it understands columns pretty well.  It is not so good at paragraph breaks though.

I gather that a some of people use this to scan all the paper, receipts, et. al. that comes into their home.  It has some clever switches to help with that usecase.

It is a bit of a pain to install, lots of homebrew packages and pip packages are required; and then – at least in my case – it works but it complains that I didn’t get it right.  There are pages that talk about these things; but I’m happy enough now.

Claw Back

Recently I’ve added Ponzi Tracker to my RSS reader and it’s fun in that way that we all enjoy things that feed our confirmation bias.  And who doesn’t love a story about a criminal.  Today’s post included this bit:

“… the court-appointed Receiver, Kenneth D. Bell, begins his quest to recover “false profits” from thousands of victims that were fortunate enough to profit from their investment.  The receiver’s efforts to recover these “false profits” will become markedly easier in the event that Burks pleads guilty to the fraud, since the guilty plea or conviction of a Ponzi schemer allow the use of the “Ponzi presumption” that significantly simplifies the burden of proof required in the so-called “clawback” actions.”

I didn’t know that.  It seems like a big gaping hole in the investor protections that encourage corporate risk taking.  The reason we have limits on investor liability is that it lets the investors delegate risk taking to the corporation while avoiding the worst case scenarios that they will be held responsible for the evil that firm does.  Their risk is limited to the amount of their investment.  Back in the day only the king had the power to get away with murder, but then it devolved to his friends.

So I’d love to know why Ponzi schemes are unique in this regard.  And I’d love to know that if we convicted a few large financial firms of just the right crimes we could then claw back the money from the “lucky” ones who cashed out early.

Any amateur social scientist knows the next question: What about incentives?  If you threaten investor class it creates an incentive.  Presumably the kings friends let this loophole appear because the victims of Ponzi schemes are somehow unique when compare to the other victims of corporate malfeasance.  Maybe it’s about affinity.  Which is ironic, as affinity is a common feature of Ponzi schemes, but in this case I think it might be that the Ponzi victims are called “investors.”

If only the victims of the mortgage crisis had called themselves investors.  If only we could learn use that phrase “false profits” more.