That Tingly, Geeky Feeling

My day job is building Web applications you will never see. That is by design; my apps deal with SECRET STUFF.

The first aside about failure: My first Internet application is also one you will also never see, not because of secrecy, but because it failed. We made an immersive app with a rich graphical interface that allowed people to share photos and messages with a select group of friends. The core app acted as an operating system, able to discover compatible services to provide data. It flopped. A few years later MySpace and Facebook provided crappy platforms that allowed the world to shout at each other. In retrospect my biggest mistake (among many) was assuming people valued privacy.

ANYWAY, I build Web applications. But I come from a background of developing desktop apps, and let me tell you, even now the world of Web app development is ridiculously painful. Slowly, slowly, software design principles worked out decades ago are finding their way to the Web.

Another aside about a failure: A while back I created a framework that allowed the UI (still running in a dang browser after all this time) to connect to the server with such efficiency that when anyone anywhere made a change, everyone saw it immediately. In geek terms, I created an MVC system where the central model was shared by all clients in real time. It also allowed anyone to track the entire history of every value in the system. I had a great 3D interface for that I never got to implement. The system worked so well I still get misty thinking about it. It was (still is) marketable. That project was shit-canned for reasons I could have managed better that had nothing to do with the technology.

But goddammit, I’ll fail shooting for making something great over succeeding at the mediocre, and I’ve got the track record to prove it.

I may have that chance again. I can’t be too specific (sorry for the tease), but I’m pretty excited. So this afternoon I snuck out of work early to go and… work. But fun work. Perhaps a chance to take my failures and put them together into a game-changer. I’ve come close before.

1

All-Nighter

She lay her head down on the table, wild dark hair soaking up spilled beer and mingling with the guacamole. “The problem with places that never close,” she said, her airy voice barely audible over the driving ranchero music of the cantina, “is that you can never go home.”

3

2017: Here we go!

I don’t usually resolve things, but last year I let some good habits slip away, and this year I want them back. So by publicly declaring them here, maybe I improve my chances.

  • Writing:
    • Write SOMETHING (almost) every day
    • More detailed character descriptions
    • Settings are characters
    • It ain’t worth squat if nobody reads it
  • Health:
    • Bicycle more miles than I drive (road trips excluded)
    • Improve commute pace by 3mph
    • Resume the no-beer-until-weekly-weight-target-reached regime (starting tomorrow)
  • Life:
    • Productive procrastination — use idle time better

The health ones are all things I have done well in the past. I didn’t have to wait for the new year to restart them, except that having a week off from work and being surrounded by excellent cooks would have doomed any attempt. Bicycling was improving in December, now I have to regain that momentum.

My average-speed-during-commute goal would put me back to about the speed I was going when I was in a state the fitness experts call “not potato”.

“Use of idle time” includes fixing the terrible Patreon plugin for WordPress, continuing to improve my Swift skills (especially on Linux), coming up to speed on photo editing and workflow options to replace Aperture, and keeping the Honey Do list short. The list of “productive” things will of course change over time.

But right now, I need to go play a game on my phone.

Edit to add:

Starting numbers for mileage challenge:
Bike: 7740 miles
Car A: 151968 miles
Car B (driven by two people): 6099

1

Knives Episode 26 Published!

With the Big Splash at the end of the last episode, it was time for Martin to take stock and do some planning. But not before contemplating just leaving everything and going back to his normal life as thief and assassin. But, well, there’s Elena.

On the patron front, it looks like my attempt to release more backstory was, well, unsuccessful. No worries — tomorrow I will do that first thing after taking down Christmas lights.

Episodes have been a bit slow lately, what with holidays and guests invading the Writing Bunker and whatnot, but episode 27 is forming up nicely and episode 28 is solidifying.

As always, thank you to all my generous patrons. You guys rock!

Read Knives.

Standing Rock and Internet Security

At the peak of the Standing Rock protest, a small city existed where none had before. That city relied on wireless communications to let the world know what was going on, and to coordinate the more mundane day-to-day tasks of providing for thousands of people. There is strong circumstantial evidence that our own government performed shenanigans on the communications infrastructure to not only prevent information from reaching the rest of the world, but also to hack people’s email accounts and the like.

Cracked.com, an unlikely source of “real” journalism, produced a well-written article with links to huge piles of documented facts. (This was not the only compelling article they produced.) They spent time with a team of security experts on the scene, who showed the results of one attack: When all the secure wifi hotspots in the camp were attacked, rendering them unresponsive, a new, insecure hotspot suddenly appeared. When one of the security guys connected to it, his gmail account was attacked.

Notably, a plane was flying low overhead – a very common model of Cessna, but the type known to be used by our government to be fitted with just the sort of equipment to do this sort of dirty work. The Cessna was owned by law enforcement but its flight history is secret.

What does that actually mean? It means that in a vulnerable situation, where communication depends on wireless networks, federal and state law enforcement agencies have the tools to seriously mess with you.

“But I only use secure Internet connections,” you say. “HTTPS means that people between you and the site you’re talking to can’t steal your information.” Alas, that’s not quite true. What https means is that connections to your bank or Gmail can only be monitored by someone endorsed by entities your browser has been told to trust completely. On that list: The US Government, the Chinese government, other governments, and more than a hundred privately-owned corporations. Any of those, or anyone any of those authorities chooses to endorse, or anyone who manages to hack one of those hundred-plus authorities (this has happened) can convince your browser that there is no hanky-panky going on. It shouldn’t surprise you that the NSA has a huge operation to do just that.

The NSA system wasn’t used at Standing Rock (or if it was, that effort was separate from the documented attacks above), because they don’t need airplanes loaded with exotic equipment. But those airplanes do exist, and now we have evidence that state and local law enforcement, and quite possibly private corporations as well, are willing to use them.

The moral of the story is, I guess, “don’t use unsecured WiFi”. There’s pretty much nothing you can do about the NSA. It would be nice if browsers popped up an alert like “Normally this site is vouched for by Verisign, but this time the US Government is vouching for it. Do you want to continue?” But they don’t, and I haven’t found a browser plugin that adds that capability. Which is too bad.

Edit to add: While looking for someone who perhaps had made a browser plug-in to detect these attacks, I came across this paper which described a plugin that apparently no longer exists (if it was ever released). It includes a good overview of the situation, with some thoughts that hadn’t occurred to me. It also shows pages from a brochure for a simple device that was marketed in 2009 to make it very easy for people with CA authority to eavesdrop on any SSL-protected communication. Devices so cheap they were described as “disposable”.

Shower Coma

You know how sometimes in the shower you kind of lose your place, and you’ll be washing your face and remember you’ve washed it already? This evening I was washing my face and I remembered remembering that I had already washed it before.

My face is very clean at this time.

2

My Gingerbread House

I’m one of those people who heads for the shadows when “fun group activities” are afoot. While I imagine fun ways I could participate, I simply don’t. So when it was announced that this year’s winter-festival-of-your-choice party at work would include a gingerbread house decorating contest, I immediately decided that I would not be participating.

But… I had an idea. I’m one of the only engineers in my group, and I started to think about how a gingerbread house could be expressed abstractly, the way it would look in software. I got some pretty grand ideas.

Still, when the contest organizers were patrolling the area, trying to get people to accept the kit and commit to participating, I demurred. My arm was not twisted. For the next half-hour I heard other arms being twisted, and a loud-for-the-workplace lament that not enough people were participating. “I’ll do it!” I called across the office. “Bring me a kit.” [“Feel the wrath of the arm not twisted!” I didn’t add.]

The kit included a fully-assembled gingerbread house and stuff to stick to it. But in software, that’s not what a house looks like. So my first task was to break the house down to its constituent parts, the same way a software engineer breaks a big problem down into a set of smaller, more manageable problems.
img_0022

It’s important to recognize here that the front of the house and the back of the house are the same, except for location and orientation. So in software, we define an end panel that works for both cases. Same with the sides, and for the roof panels. You break a thing down into its fundamental pieces, find what’s common between those pieces, and build your structure.

The challenge then, was to present those pieces in a meaningful way, and then create a language that would express how the parts were assembled and how they were decorated. When thoughts of poured-sugar virtual building elements with the parameters that defined them entombed inside gave way to reality, this is where I went:
img_0026

On a cookie sheet I staged visual representations of the various parts of the house. I included things like the color sequence of the gumdrops when used in series (a co-worker gave me a demerit for not following the Apple rainbow in my sequence. I should have thought of that.) Then there was the purely abstract assembly instructions. The final result looked like this:
ginger

But it’s not software without bugs, and the wreath that came in the kit was broken. I filed the error in the company’s bug-tracking system:
radar

Did I win? No. Of course not. Did I give my co-workers a little insight into how I think? I’d like to think so. I’m surrounded by creative people who view what I do as vaguely magic. Perhaps they understand me a little better now. Though to be honest it would take much more effort than one is likely to give at a holiday party to understand the intricacies of my gingerbread house.
tile

Then there was this conversation:

Me: I think I overdid the roof.
Guy I work with, squinting at my display: Oh?
Me: Piping and a gumdrop on every roof tile? Along with the candies all around the edge. It might be a bit much.
Guy: Where?
Me: It’s all there if you look, but you can only see it in your head.
Guy: Oooh.

And that is my job. I build things you can only see in your head.

2