The Best Friend You Didn’t Know You Had

I was reading the other day about how some hackers found a serious security flaw in php. php is a language used on Web servers to deliver content to your browsers; WordPress is written in php and thus every time you load a page here at MR&HI, code written in php is being run.

A LOT of the Web is written in php, so finding a security issue in that language is significant, but this episode is not so much about one particular flaw as it is about the constant battle between good and evil. This article gets technical fast, but there are a couple of important takeaways that you don’t need to be a geek to understand.

Pornhub offered $20,000 to anyone who could hack them, via the site HackerOne. This was a big enough incentive for a group of hackers to really go after them. They discovered one questionable practice by the programmers of that site, but it took a lot of long, hard work for them to turn that into an actual hack, digging through the source code of php itself until they managed to create an attack that could load and run code on the server.

Immediately they disclosed the vulnerability through responsible channels, earned their reward, and both Pornhub and the wardens of php moved to close the bug. Pornhub paid up the $20K, and HackerOne threw in a bonus.

And even shorter version: Pornhub paid some real dollars and made the Web safer for all of us.

You and I are fantastically lucky that there are people out there who will use their skills for a low-five-figure payoff, rather than exploiting that weakness for potentially millions. These are the white-hat hackers, incredibly skilled people who can write php-unserialize fuzzers to discover “unexpected” responses, but use their skills to make the world a better place.

Eventually these guys will have the hacking weapons that our own government lost control of, and when that happens, the Internet will become far more secure. In fact, if I were king of this country I’d give the good guys those tools right now. It can’t be only the Russians using that stuff. Worth noting: our government has discovered many security holes in the software that makes the world run, and they didn’t report those discoveries, leaving the holes wide open for them (and everyone else) to exploit. Our own government is not White Hat.

When you hear about a new terrible hole in security, remember: that’s when honest people found the hole. It’s geeks like Evonide that found it, and reported it. Often they chased that hole because some site like Pornhub gave them a reason to. So let’s stop and appreciate what the unsung good guys have done for us.

2

Checking Out the Sharks’ next Opponent

While working on, well, work, I’ve got the Nashville-Winnipeg game on. It’s been a pretty good game. Gritty but not dirty, some good skating, each team making the other pay for mistakes. Hockey.

The winner of this game will play the Sharks, after San Jose despoils Cinderella.

I’m not sure who I’m rooting for. On the one hand, Winnipeg may be the most miserable sports city, and as a former resident of San Diego I have to feel for people whose teams always lose the way San Diego teams do, but who also don’t live in San Diego. That would really suck.

But Nashville fans have a song for everything. Seems like every tape-to-tape pass has the fans singing the “Nashville Tape-to-Tape song.” And the whole damn arena sings. It might be the best fan experience in North American sports. (Don’t tell Las Vegas, because dang they’re building an awesome fan experience in the way only Las Vegas can.) Nashville is the hockey arena I’d most like to visit for a game.

On the other hand, I’m more afraid of Nashville. This might be naive; Winnipeg is really good this year. But Nashville has been a problem for a long time now.

On the other hand…

There are an infinite number of hands. I’m enjoying a good hockey game, and both these teams deserve to be here. Either will be a challenge for the Sharks. Either will make for a fun series.

____

A few thoughts about the Sharks/Knights series currently under way:

One of the great things about being a fan of a team is having rivals. I hate the Ducks and I HATE the Kings. Then there’s fuckin’ Buffalo, a hapless team that somehow keeps beating the Sharks (although now we have their best player). Las Vegas is new; they have no historic slights to fume over. I volunteer my team to be the team the Las Vegas Knights fans learn to hate. Step 1: Knock them out of the playoffs.

I call the Las Vegas Franchise the “Las Vegas Knights”. It is a far better name than the official title: the “Vegas Golden Knights”. “Las Vegas Knights” speaks to the character of the town itself; it echoes the allure of being there. It sounds like the title to a novel — or a memoir — or a song — or… It sounds like Las Vegas. Eventually the Las Vegas franchise will fix their name.

Talk about home ice advantage — whoo boy that city knows how to put on a show. To build the drama before the opening game of this series, they had a really cool lighting effect that made it look like a huge shark was swimming under the ice. Of course in their show the shark was eventually slain, but San Jose should seriously steal that effect.

While I think you would be hard-pressed to find a resident of the Las Vegas metropolitan area who agrees with me, there is supposed to be hardship when a team is first getting started. Without that hardship you can’t have fans who can say “I was with the team back when…” It’s the lean times that scar a true fan. (Scars are cool, right?)

I kind of feel sorry for the Raiders, trying to move football into a rabid hockey town.

3

Took My Data Privacy Training Today

The European Union is enacting a new policy concerning the way companies treat the personal information of their customers. Today I went through the training to make sure I understood what those rules meant to me.

Spoiler: nothing new. But there are a lot of other companies in this neighborhood that are probably scrambling. I’ll name names later.

The new privacy training was pretty much exactly the same as the previous data privacy training I have gone through, with the exception that there is a new report to fill out to make the decision process on using customer data visible to the outside world. There is also a new portal so people can see all the data my employer has collected on them, and request that that data be deleted.

But overall, the new privacy regulations in Europe might have been written by my company, they match our existing policy so closely.

Remember back when Google was “accidentally” collecting information about open home WiFi networks? Accidentally in this case means accidentally creating database tables and queries to store that information. I mean hey, accidents happen. That was a while ago, but that shit is really not going to fly now.

Hey! So much for “later”. I’m naming names.

The regulations go something like this:

  1. You have to spell out what you will be using the data for BEFORE you collect it.
  2. You have to protect that data.
  3. You have to let people see the data and tell you to delete it.

The Google thing was years ago. (There are plenty of current investigations, however.) But hey, remember last week when an Android user discovered Facebook was recording the recipient and duration of all his phone calls? Yeah, the beat goes on. In the aftermath of that I downloaded my own information and there were only a couple of surprises, none shocking. Hint: I don’t use Android.

At Google they must HATE Facebook for being so damn sloppy and leaking data all over the place, rather than just efficiently selling it. Regulators are swarming! Maybe now Google might consider putting in place basic security measures to prevent apps from rooting through shit that is none of their business.

My Facebook information was mostly unsurprising, but I suppose it’s possible that in the last few days Facebook has decided that fraudulently withholding some of the data they have collected on me is better than confessing to all of their shenanigans. Ironically, the ability for people to download their information was probably implemented by Facebook to comply with the new regulations. Sadly for them, the more people who download their personal info, the more trouble will arise for Facebook.

I encourage everyone to request a data download from Facebook. And from Apple, and from Google, and from Amazon. Probably Ebay, too, and the list goes on.

For the rest of this episode, I am full-on partisan. Just so you know. But there’s nothing I’m going to say that is not easily documented.

Google has a vast amount of data on you. If you use Google Wallet, downloading your data might be downright scary; if you use ApplePay instead you will find a big empty nothin’ concerning your spending habits. Apple built it so that it was not possible for them to learn anything about you from your spending. It was not easy to do.

I work for Apple. I am proud that my company puts privacy over profit — that HomeKit is slow to be adopted because it protects privacy and home-gadget manufacturers want to profit from personal data (and the hacking-resistance of HomeKit is more expensive to implement — something I’m also fine with), and I am proud that ApplePay was first out of the gate but isn’t growing as fast as the competitors because privacy requirements make it harder for banks to join in. Apple is losing money protecting privacy.

Unless protecting privacy becomes law. Then, suddenly, my employer is in the catbird seat, having built its information structure around privacy from the get-go. Apple has put a lot of systems in place to make sure they cannot collect large categories of personal data. Currently that data is an asset that they are failing to exploit. In the future, that data will be an onerous responsibility for any company that holds it. I hope so, anyway.

2

My Visit to One of the Most Expensive Buildings in the World

Most of the top ten most expensive buildings in the world are opulent resorts or mighty skyscrapers. There is a nuclear power plant in the mix, and then there’s Apple Park. The new headquarters for my company doesn’t soar up to scrape the ionosphere’s belly, and it doesn’t drip with ridiculous lavishness. The cost came not from coating everything with gold but from building to design tolerances that the construction industry simply doesn’t do.

To make everything fit so tightly in earthquake country first meant resting the whole damn thing on shimmy-shake pads. Thinking about that puts the scale into perspective: The building is a ring; the whole of the new football stadium for the San Francisco 49’ers fits in the “garden” inside the ring.

When I first got through security and walked up to the building, the soft morning rain and the sun at my back produced a rainbow that seemed to emerge from the middle of the giant ring. One prone to symbolism might find that portentous. I took a picture, but I can’t show it to you. (I might have cheated but the picture’s not that great.)

Inside, it feels like the future. Like the fictional sets of many, many science fiction movies, but real, and… functioning. Considering that this whole thing was built on so many simulations, so many never-been-done-but-it-should-work-probably ideas, the whole thing has come together quite nicely.

I was on the third floor and I stepped out of the elevator to see the treetops of the cafeteria. The cafeteria was indoors at that moment (there are stunningly massive sliding glass doors — four stories tall — to open the cafeteria to the outside on good days), but it still felt arboreal.

One thing that enhanced that feeling was the near invisibility of the fence at the edge of the balcony looking down. Glass, clean, almost invisible, making me feel like I was floating over the space below. Happily, I am not prone to vertigo.

It is a building that glorifies glass. The stories you may have heard about distracted employees running into walls is true. Glass and pale cool stone define this quiet world.

I walked through the center of the ring, the path making satisfying crunching sounds beneath my feet. I saw places that had not been ready for the recent rains, standing water on top of newly-planted ground cover. And there is no place in the area built with Apple’s beer bashes in mind. (*WHAAT?*) Yet, there was a serenity in those rolling hills that I really enjoyed. I can imagine a monastery feeling that way.

When we started our stroll through the center of the ring the sky was offering a gentle sprinkle, but by the time we got to the path to the duck pond it was dumping rain and I was more inclined to get back inside. From the organic chaos of grass and trees and rain to the quiet, controlled world of glass and stone once more.

The people I was meeting with — now residents of this place — pointed out spots where trim was missing or small finishing tasks were incomplete. I imagine it will be a year or more before the miles-long to-do list is completed.

My group will not be moving to the new campus; even before ground was struck Apple had outgrown its new headquarters. It holds something like 13,000 people — similar to the Hewlett Packard campus that was razed to make room — but where the old buildings stood between parking lots, the Apple Campus leaves much of the real estate for parkland which I look forward to exploring. Apple was named for the local orchards; in part it was Apple’s success that destroyed them. Nice to see at least a few acres of them come back.

I may not work over there, but I will be finding excuses to visit.

2

The Purpose of the Human Race

The other day, as I was riding home from work, I had an interesting thought. One thing about riding as slowly as I do — you get plenty of time to think about stuff.

Although, when the wind is at my back, pretty much the only thought in my head is “Whee!” and when the wind is in my face the cursing leaves no space for other thought. However, during the non-raining wind-from-the-side portions of my ride, I had time to chew on an interesting thought.

It started somewhere on Homestead Avenue, when it occurred to me that the Information Age was the inevitable consequence of being an organism that uses language. Our brains are built to interpret the world around us, breaking it down into the symbols that allow us to communicate abstract thoughts. We are biologically hard-wired to process symbols that represent the world; we are as hungry for information as we are for food.

But we didn’t stop at reducing the world into symbols, we began to recreate the world, using those same symbols as the building blocks. Early religions might be the first recorded attempts at building a symbolic world on top of the observable one, but any good story is a new world.

Facing a rainy headwind while I pushed down Park Avenue (a pleasant street), those thoughts were forgotten for a while, but by the time I reached Bird they had grown. We are now creating worlds entirely out of symbols. Worlds built purely out of language. World of Warcraft is an obvious example.

While WoW is crude compared to the (presumably) atom-based world we occupy most of the time, it’s easy to imagine that as we build ever-more eloquent languages (in this case programming languages and the frameworks that provide them vocabulary, which in turn express the desires of designers who communicate with more traditional languages) we will create more “real” worlds built solely with language.

By the time I’d huffed over the Curtner Hump and turned into the cemetery, I came down to a core question: Is this what we set out to do a million years ago?

Did we grow brains that had language so we could build better worlds, or was the ability to communicate mundane information twisted to introduce fiction? Are those cave paintings we know so well simply recording history, or are they expressing something larger that we all understand — the desire to build new worlds using the symbols we developed to understand the physical world?

What happens, then, when the world is entirely composed of symbols? What comes next? Are we finished?

1

My Last Car

My faithful little Miata is getting long in the tooth; I purchased it new off the lot in the summer of 1999. Eighteen and a half years is pretty old for a car, but these days not exceptional.

Still, after spending the weekend replacing ignition components and discovering oil on my hands more than once, I have to admit that the car is not as mechanically tight as it used to be. It’s only a matter of time before it crosses the line from “reliable transportation” to “hobby”. I don’t need another hobby.

From time to time I peruse the Internet, fantasizing about the car that will replace the Miata. Convertible is an absolute requirement, two seats a preference. There are some pretty cool cars in this space, but the frontrunner remains the Mazda Miata. I could spend a lot more and get a somewhat more exciting car, but the Miata remains an excellent intersection between fun and economy, with no serious challengers.

But boy, that F-type purrs like a kitten. A tiger kitten.

As I consider the expected lifespan of my next car, the expected lifespan of me, and trends in technology, it occurred to me: It’s quite possible that this will be the last car I ever buy. Twenty years from now my driving skills will be degrading, and as long as I live in a town of any size, it’s entirely possible that self-driving on-demand cars will be significantly cheaper than car ownership, especially when you take into account how few miles I drive.

My last car. Wow. But…

I don’t really need to replace the Miata at all. There is almost never a time when both the family cars are out of the garage, and the few times it does happen could easily be handled with transport alternatives. I could rent a convertible for road trips. Perhaps I have already bought my last car. Wow.

Often, when I take the old girl out for a spin, I first have to remove the tool boxes and other items piled on top. Home repair and crafts projects lead me to pull items off the shelving next to the car and put them on the top or on the hood for access.

A typical look at the Miata

Perhaps the next four-wheeled item to occupy that slot in the garage will be something like this:

The next thing to live on the right side of the garage?

1

Fun With NORAD

The United States has a massive array of detection equipment all around the world, watching with never-blinking (we hope) vigilance to detect attacks on the US or our allies. Each year that massive network is also put to the much-more-fun purpose of tracking Santa Claus as he makes his way around the world.

The official tracking site is here, and now sports a fun and interactive way to watch the jolly elf’s progress. What a great opportunity to sit down with youngsters over a globe or an atlas and find Santa’s current location, tracking him over places the kid has heard of but may not appreciate as actual places on Earth. What a fun way to have a little geography lesson!

While you’re at it, you might enjoy reading about how this all started. NPR has a short article about how the Continental Air Command got into the Santa-tracking business. It all started with a red phone ringing on the desk of a man whose job it was to be the first to know if we were under attack. A red phone whose number was top secret. It’s a fun story.

8

Journalistic Bias: Not What, but When

There is a curve when it comes to shocking news about a candidate for office. For a couple of weeks after the damning revelations come out, the candidate takes a hit. Then, gradually, the candidate’s numbers recover. We’re seeing that right now with Roy Moore in Alabama. Voters have had time to rationalize voting for someone they would never let near their own daughters.

We’ve seen the curve with candidates from both parties in the past, from a gleefully corrupt Democrat in Louisiana who had time to charm his way out of the doghouse to a presidential candidate who went down to perfectly-timed accusations.

I think this curve is pretty well-known by now. I’ve heard of it, and I’m the last to hear about anything.

So imagine you’re the editor of the Washington Post. You have an explosive story about a candidate in an election of great importance. That election is six weeks away. The story is ready to go — facts checked, sources cross-referenced and background-checked. It’s legit.

I think it’s safe to say the editors of the Washington Post are not big supporters of the Republican Party in its current incarnation. So if you are an editor at The Post who decides when to run this huge piece, there will be a natural temptation to run it at the most damaging time possible for Moore. There would be a temptation to sit on the story for a couple of weeks, to put the sweet spot of the damage curve right on election day.

The Washington Post did not do that. There’s no way to tell if the timing of the story was based on journalistic integrity or incompetence, but they did not time the story for maximum electoral impact. I think that means something.

5

Flat-Earthers are Punking You

99% of Flat-Earthers actually believe the Earth is round. They’re just being dicks.

They’re taking great pleasure as you prove seventeen different ways that the Earth is round, just to shake their heads afterward and say, “Nope, Earth is flat.” Your continued insistence on proving the Earth is round is just plain funny to them.

Welcome to the 4chan world. 4chan is a place where people will say anything if it pisses someone off. It’s “for the lulz.” 4chan is where gamer gate came from, and the place Bannon recruited at least one of his most poisonous people.

Now they are getting all kinds of attention just for saying the Earth is flat. Virtual high-fives were shared between moms’ basements when a few idiot celebrities jumped on board. Kinda like with vaccines. But here’s what you have to understand: Every attempt to expose them, every attempt to use science to show they are wrong, just feeds them. The better your argument, the more fun the “nope”.

Only an idiot would think the Earth is flat. These people aren’t idiots. They’re assholes.

4

I Got To Use My Router Today

It was a big handyman day at Muddled Headquarters today. Relatively speaking.

For one task I needed to cut some grooves in a couple of pieces of wood. I have the perfect tool for that — a very nice router. The thing is, I haven’t used this machine in well over a decade. So a chore that would take an actual handyman maybe fifteen minutes start to finish took me closer to two hours, stretched over two days. First, I had to go to the store to get the correct bit (after searching for and failing to come up with the correct bit in my storage bins). The shopping trip took longer than necessary because I did self check-out wrong. By the time I got home it was dark, and my workshop is the back patio.

This morning(ish) I was right back at it. I have no idea how many trips I made between the garage and the patio — for instance to change the bit on the router I realized one needs a large wrench. Into the garage I went to grab my inch-based set of wrenches, only to discover that they’re all too small. Back into the garage I went to grab all my plus-sized wrenches from where they hang in an orderly row. That made two trips, just to put the right bit into the router. Then there were trips for clamps and shims and scrap-lumber guides, and a special trip for my ruler-square thingie. Then bizz-bang-buzz I was done.

Putting the router away, I pushed aside the guide attachment that would have rendered much of the other fiddling moot.

But I made the grooves. There is something deeply satisfying about a high-precision cut, the clean square groove at just the right location. Making the cut is almost an anticlimax; getting the cut right happens long before the motor of the power tool starts whirring. Carpentry is in the things you do before the blade touches the wood.

6

The Hazing

It was standard at the firm. When a new scientist or engineer was hired, they were given an impossible problem. Sure, it seemed like a reasonable task at first, until it foundered on the fundamental laws of physics. The really bright recruits would catch on in a week or so; most took longer.

Then there was Harper. Six weeks and counting. Burning the midnight oil, submitting massive computation jobs, cursing when she thought no one was listening.

The board had been nervous about Harper. Her academic performance had been good, but not the level the company expected. But Joe Petersen had had a hunch about her. “Give her a shot,” he told the board. “You won’t be sorry.” Now he would have to be the one to eat crow and admit that he had been wrong about her.

It was not the sort of message one gives electronically. It was late but Petersen knew where he would find his latest hire. He knocked gently on her open door before walking into her office. She was sitting back in her chair, her dark hair a mess, deep circles under her eyes, just staring into space, nodding slowly.

“Hello, Alice,” he said.

She seemed to remember where she was. “Hi, Boss.”

“I owe you an apology,” he said. “The task I gave you —”

“I solved it.”

Even worse than he thought. “The task I gave you. It was impossible.”

“Well of course it required super-relativistic interaction between particles with mass,” she said. “Particles going back in time. I saw that right away. But the way you asked the question… It got me thinking.”

“And…?”

Alice Harper shrugged. “And I solved it. I just sent a naked quark back in time to resolve an ambiguous energy state. On paper at least. Can I go home now? I’m very tired.”

“I’ll see you Monday,” Petersen said.

1

It’s the Same Ol’ Lost-Data Story

In the last week I’ve heard from three different friends who all experienced the same heart-stopping, stomach-emptying feeling of doom. The oh-shit-I’m-hosed, no-going-back, if-only feeling of true loss.

Those friends were separated by thousands of miles, and by gulfs of temperament. They are all united in being intelligent, creative people.

In at least two of the cases, the hours of gut-wrenching agony were replaced with vast relief. But even as they expressed their joy to the world, the did not (publicly) resolve to do anything to prevent the same disaster from striking again. They still aren’t backing up their digital files. Two of the three sphincter-clenching moments I witnessed this week were sponsored by lost flash drives.

Aargh! It’s SO DAMN EASY to back your stuff up these days. And free! Dropbox is brain-dead simple and works everywhere. For most people, why do you even have a flash drive? If you DO have a flash drive, why is this little thing that can drop through a hole in your pocket the sole repository of everything you hold dear? I say again, “Aargh!”

Ok, DropBox isn’t the most private cloud storage around (though it isn’t terrible — way better than Google). You can quite easily encrypt your files on DropBox, or perhaps you would prefer tersor.it. Swiss-based DropBox, basically. And speaking of Google, if you don’t mind who reads your stuff, the Goog’s a ubiquitous and free way to back your shit up.

In the IT world, there is a saying: “If it’s not in three places, it doesn’t exist.” I can forgive someone who only keeps their data in two places.

But one place? A flash drive? Sorry, buckaroo, you’re going to have to take my sympathy with an “I told you so.”

Sometimes, You Just Gotta Go For It

My NaNoWriMo effort this year now includes a character named Dr. Jenkins. She is annoying, but she loves animals, so we can forgive a great deal.

Romance would serve no purpose in this story, but I may have to introduce some anyway. I mean, with a name like Dr. Jenkins, how can I not?

He kissed her neck and Dr. Jenkins let out a sigh. His lips moved up toward her ear, and Dr. Jenkins’ grip tightened on his arms. “Wait,” she said.

Max pulled away. “What is it, Dr. Jenkins?”

“I’ve… never felt this way before,” she confessed. Dr. Jenkins’ heart was beating too hard; she was having difficulty with even the simplest sentences.

“Nor have I, Dr. Jenkins,” Max said, his words just a breathy whisper as he nibbled on her earlobe. “Nor have I. But tonight, Dr. Jenkins, you and I will. Feel that way, I mean.”

Dr. Jenkins surrendered to his whispery voice. With a shudder that came from her very core she bent her lips to his ear, and whispered in return, “You can just call me… Doctor.”

1

Hedging Investments in Las Vegas

Usually gambling is a risky proposition, but occasionally it can be used to reduce risk.

I heard on the radio today that many months ago a Mattress Entrepreneur in Houston, Texas, said, “If the Astros win the World Series, I’ll refund all purchases over $3,000.” Tonight is a big night for Houston-area mattress buyers; if Justin Verlander pitches well a lot of refunds will be forthcoming, to the tune of $5 million.

Mattress Guy emphasizes that most of that liability is covered by insurance — his business is not at risk — but he finds himself in an interesting situation: if a sporting event comes out a certain way, he loses a lot of money. Tonight it looks like he could use a little more insurance.

Las Vegas to the rescue! By placing a substantial bet on the Astros, he can make back some of the money he loses if they win. If they lose both the next games he loses his bet, but he’s not out the five million. By placing a bet he ensures that either way he loses some money, but he won’t lose as much as he would have, should the Astros win the series.

Meanwhile in Los Angeles, one of the big winners in a World Series game 7 are the ticket brokers, and apparently the Dodgers are particularly broker-friendly, releasing tons of tickets into the market. Should there be a game seven, the brokers will make millions. So what can the brokers do to improve the chances of a payout? Head to Las Vegas! By placing a big bet on there NOT being a game seven, the brokers get a guaranteed payout either way.

What these two things have in common is that wagering on the outcome of the game is the exact opposite of gambling. In one case, it is turning a potential big loss into a guaranteed-but-manageable smaller loss. In the other case it’s turning a potential big gain into a guaranteed-but-smaller gain.

Not long ago some kid became famous because he had bet on Auburn to win the college football championship game. At the time he placed his bet, no one thought Auburn had a chance to even reach the game. But holy shit, after a few amazing upset victories there they were. If they won, the kid stood to make something like $65,000. That’s a lot of clams for anyone, let alone a college kid.

Before the game, some Web site took a less-than-scientific poll asking people: Should the kid place a hedge bet to get a guaranteed $30K (less than half of his big payoff), or should he let it all ride? The results of the survey were presented by state — respondents from every state but one said “Let it ride!”. You want to guess which lonely state had a majority of respondents vote “hedge”?

That state was Nevada, of course, where people who gamble for a living reside. Auburn was winning late in the game, but ultimately lost. The kid got nothing. He failed to accept the gambler’s axiom: If you stand to gain or lose significant money over an event that other people are betting on, use that action to eliminate risk. Gamblers hate uncertainty, and feast on greed.

Unlike hedge funds — mutual funds designed to go up when the market goes down but which actually completely fail at that objective — hedge bets are a pretty cold lock, if only for a very specific circumstance. Here’s hoping that matters to one of us, someday.

1

November is Coming

In this entire mad, mad world, there are only a handful of people who have “won” NaNoWriMo every year since 2001. There were about 100 of us who won that year, and the number can only shrink from there.

So while I sit on the third blow-it-up-an-do-it-again exercise with chapter 40 of Knives, I’m also looking at November, trying to decide if my reason to participate is habit, pride, or actual creative need.

But I thought of a good moment, and the moment led to a couple of characters with a very small struggle in a vary large universe that cares not what becomes of them. Characters which, for the sake of dragging things out to 50,000 words, will have to stumble across some other, contrived, larger struggle.

In December I can maybe produce a smaller story that fits them better.

1