How to herd cats: tie a small bright object to a string; place it in the peripheral vision of the cat; and then pull it around a corner out of sight.

Ben Laurie has been trying to entice me to pounce on tor. … I pounced yesterday morning.

Tor helps to frustrate the man in the middle’s attempt to monitor your internet usage patterns. For example.

Pretend to be the man watching my internet usage. You see me send mail to Mary, and then visit a travel site, and finally send mail to Tom. What do you think I’m doing? Notice that all those connections are unencrypted so you can probably know a lot more than just that pattern of usage.

Tor frustrates that kind of model building by mixing your traffic up with that of other tor users, partially encrypting things, and some other tricks. Mixing your traffic with a crowd of other users makes observing your patterns much harder. That’s done by bouncing traffice around the internet thru tor router nodes run by volunteers.

For example here’s my email to Mary intermediated by the Tor system. I send it to proxy on my machine; it’s encrypted, bounced around the Tor network a bit and then unencrypted and passed to Mary.

On my Mac this was really easy to set up; well in the usual geek sense of easy: download; build; install; cleanup; run it.


curl -o f.tgz http://freehaven.net/tor/dist/tor-0.0.8pre3.tar.gz
tar zxt f.tgz
cd tor*
./configure && make && sudo make install
Password: ...
F=`pwd` ; cd .. ; rm -rf $F f.tgz
tor


But you should proably follow the directions.

Then you need to adjust your Network Preferences to use it. Each interface has settings for proxies; you need to set the ‘Socks Proxy’ to use 127.0.0.1 (i.e. your own machine) and port 9050. I setup a “locations” in the network preferences for that.

I had having trouble with reaching things on my local private network; until the nice folks in the tor community tapped me with the clue stick and pointed out that you can write domain names to not route thru the proxy – it’s right there on the same page where you turn on the proxy – duh. I’ve also had some problems with client software that seem to disregard the network preference settings for proxies.

Quicksilver! Thanks Ted. Twice actually :-).

Provides amazingly quick keystroke access to most everything under Mac OS X.

Spread the addiction.

I’m am so excited to discover that the Victoria and Albert collections are moving online. These photos of the collection are just wonderful!

Ivory, silk ribbon, printed paper and grease (mutton fat and tallow). This is a device 1850-1860 used by women to keep score in archery.

Grease in the acorn helped the fingers slide smoothly off the bow string. Score is kept by poking holes in a replaceable cardboard disk with the pricker.

Maybe all that esoteric stuff I learned back in the 1970s isn’t entirely obsolete!

.PS
  box "joe"
  box "joe's" "bank" at last box + (1.2 , 1.2)
  arrow from 1st box.ne to last box.sw "banking"
  box "credit" "firm" at last box + (1.2 , -1.2)
  arrow from 2nd box.se to last box.nw "reporting"
  box "mortgage" "company" at last box + (-1.2 , -1.2)
  arrow from 3rd box.sw to last box.ne "credit check"
  arrow from 4th box.nw to 1st box.se "rejection"
.PE
 

Then on my Mac I invoke something along these lines:

    groff -e -p -ms foo.ms > foo.ps && open foo.ps

Man is that nostalgic! A manual for pic is here.

Now, where can I get a copy of ‘ideal’? It was a precursor to pic that used constraints and rendered it’s drawing onto the complex number plane.

With few exceptions the QA organization and Engineering organization in software houses are given separate management chains. There are assorted rationales for this. Some firms like to set up the two in a kind of competition in preference to having them working in common cause to create good software. Some firms think of QA as a kind of auditing function who’s role is to temper a presumed tendency of engineering to fraud or self delusion. Some firms do this because they have put the engineering managers into a incentive structure that makes them likely to cheat to ship on time and they need to compensate for that.

This organizational choice results in tension, or worse. The two groups are torn between their common-cause, i.e a great product, and the day-to-day competitive games that are a result of the organization structure.  As an illustrative example of how short term reward structures can generate polarization consider what happens when a bug is found.

When an engineer encounters a bug his reaction is to fall deeply into a trance state.  This is the hunter’s mental state. He slows time down. He rises slowly and closes his door. To the hunter that moment is very valuable. He is in the presence of his prey. Even if it gets away all the information that is at that moment at hand is useful for stalking it tomorrow.

When the QA engineer encounter a bug his reaction is to shout hosanna. He bursts from his office to tell the boss. The reward he seeks is a bug sighted. To the software engineer this reaction is totally inappropriate. Yes, sighting the bug is a very key exciting moment but this excited reaction lays waste to that very valuable moment.

The software engineer takes that exciting moment’s energy and channels it inward seeking a fugue state. The qa engineer takes that moment’s energy and channels in outward seeking a celebration.

The organization structure just amplifies this. The QA engineer goes to his boss; who gives him a warm smile. The QA boss goes to the engineer’s boss and gives him a sly malicious smile. The Engineering boss simulates a gratitude for the valuable sighting. He then simulates the engineer. He asks if they made any effort to stalk the bug. “Can you reproduce it?” “Do you know exactly how it happened?” The QA boss thinks: “Ah you always want us to do your job.” They smile at each other in the shared knowledge of the absurdity of their situation. Later the engineering boss mentions in passing to the engineer that there is another bug in the bug database.

The only way to breakdown this is to allow the QA engineer and the software engineer into more intimate contact. That allows the QA engineer to observe and them model the behavior of the engineer. They they can share the reward to killing the bug. Which is; of course the common cause. Of course, you’ll have to set aside whichever adversarial model you bought into when you established the separation of powers.

Organization design is tough.

Impressive! Yes indeed! My readers are so insightful. Rarely does a group gather so blessed by insight. Each of you nurtures a thirst for candor. Your self awareness keeps you immune from the wiles of sycophants. I’m proud to know you.

This book is a hoot!

Equally amusing is the evolution of it’s cover over the years.

The second golden age is at hand. The court of the Sun King is making a come back. Best to brush up on the flattering skills.

oh. Did I mention? Your the best!

Two Things — thanks Brian!

...

The Two Things about Practicing Law in the Real World:

1.
					

From the ever fecund Paul English we find this delightful database were we all gang up on them so we can talk to them rather than talking to their computers.

Apple 800-275-2273 — Zero three times; if virtual rep answers, say “operator”

Do your bit, add more!