Five Theses on Security Protocols

Inspired by recent discussion, these are my theses, which I hereby nail upon the virtual church door:

1 If you can do an online check for the validity of a key, there is no need for a long-lived signed certificate, since you could simply ask a database in real time whether the holder of the key is authorized to perform some action. The signed certificate is completely superfluous.

If you can’t do an online check, you have no practical form of revocation, so a long-lived signed certificate is unacceptable anyway.

2 A third party attestation, e.g. any certificate issued by any modern CA, is worth exactly as much as the maximum liability of the third party for mistakes. If the third party has no liability for mistakes, the certification is worth exactly nothing. All commercial CAs disclaim all liability.

An organization needs to authenticate and authorize its own users; it cannot ask some other organization with no actual liability to perform this function on its behalf. A bank has to know its own customers, the customers have to know their own bank. A company needs to know on its own that someone is allowed to reboot a machine or access a database.

3 Any security system that demands that users be “educated”, i.e. which requires that users make complicated security decisions during the course of routine work, is doomed to fail.

For example, any system which requires that users actively make sure throughout a transaction that they are giving their credentials to the correct counterparty and not to a thief who could reuse them cannot be relied on.

A perfect system is one in which no user can perform an action that gives away their own credentials, and in which no user can authorize an action without their participation and knowledge. No system can be perfect, but that is the ideal to be sought after.

4 As a partial corollary to 3, but which requires saying on its own: If “false alarms” are routine, all alarms, including real ones, will be ignored. Any security system that produces warnings that need to be routinely ignored during the course of everyday work, and which can then be ignored by simple user action, has trained its users to be victims.

For example, the failure of a cryptographic authentication check should be rare, and should nearly always actually mean that something bad has happened, like an attempt to compromise security, and should never, ever, ever result in a user being told “oh, ignore that warning”, and should not even provide a simple UI that permits the warning to be ignored should someone advise the user to do so.

If a system produces too many false alarms to permit routine work to happen without an “ignore warning” button, the system is worthless anyway.

5 Also related to 3, but important in its own right: to quote Ian Grigg:

*** There should be one mode, and it should be secure. ***

There must not be a confusing combination of secure and insecure modes, requiring the user to actively pay attention to whether the system is secure, and to make constant active configuration choices to enforce security. There should be only one, secure mode.

The more knobs a system has, the less secure it is. It is trivial to design a system sufficiently complicated that even experts, let alone naive users, cannot figure out what the configuration means. The best systems should have virtually no knobs at all.

In the real world, bugs will be discovered in protocols, hash functions and crypto algorithms will be broken, etc., and it will be necessary to design protocols so that, subject to avoiding downgrade attacks, newer and more secure modes can and will be used as they are deployed to fix such problems. Even then, however, the user should not have to make a decision to use the newer more secure mode, it should simply happen.

Perry

Perry E. Metzger perry@

Posted on the cryptography mailing list at Jul 31, 2010
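Thesis 1 in runnable form, as an added example that is not part of the original post: a certificate-only verifier keeps accepting a revoked key until the certificate expires, while a real-time lookup does not. The database contents, key fingerprints and the HMAC tag standing in for a CA signature are all constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: key fingerprint -> actions that key may perform.
AUTHZ_DB = {"fp:alice": {"reboot", "read-db"}, "fp:bob": {"read-db"}}
ISSUER_SECRET = b"constructed-demo-secret"  # stand-in for a CA signing key


def issue_cert(fingerprint, action, not_after):
    """Toy long-lived certificate: an HMAC tag stands in for the CA signature."""
    body = json.dumps({"fp": fingerprint, "act": action, "exp": not_after},
                      sort_keys=True).encode()
    tag = hmac.new(ISSUER_SECRET, body, hashlib.sha256).hexdigest()
    return body, tag


def offline_check(cert, now):
    """Certificate-only verifier: trusts a valid signature until expiry."""
    body, tag = cert
    expected = hmac.new(ISSUER_SECRET, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return False
    return now <= json.loads(body)["exp"]


def online_check(fingerprint, action):
    """Real-time verifier: the database is the only source of truth.
    Unknown keys and unknown actions are refused (fail closed)."""
    return action in AUTHZ_DB.get(fingerprint, set())


def revoke(fingerprint, action):
    """Withdraw one permission; takes effect on the next online check."""
    AUTHZ_DB.get(fingerprint, set()).discard(action)


def demo():
    """Return (offline, online) verdicts before and after a revocation."""
    cert = issue_cert("fp:alice", "reboot", not_after=1000)
    before = (offline_check(cert, now=10), online_check("fp:alice", "reboot"))
    revoke("fp:alice", "reboot")
    after = (offline_check(cert, now=20), online_check("fp:alice", "reboot"))
    return before, after
```

After the revocation the two verifiers disagree: the certificate still verifies until time 1000, which is the window the thesis objects to.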
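The last paragraph of thesis 5, as an added sketch that is not part of the original post: both ends always pick the newest version they share, with no user setting involved, and a MAC over the offer lets the client abort if the offer was altered in transit. The version names are constructed, and the shared `key` is assumed to come from an earlier key exchange.

```python
import hashlib
import hmac

# Constructed version names, oldest to newest; not taken from a real protocol.
SUPPORTED = ("v1", "v2", "v3")
RANK = {v: i for i, v in enumerate(SUPPORTED)}


def choose(client_offer, server_versions):
    """Pick the newest version both sides implement; there is no user knob."""
    common = [v for v in client_offer if v in server_versions and v in RANK]
    if not common:
        raise ValueError("no common version")
    return max(common, key=RANK.__getitem__)


def transcript_mac(key, offer, chosen):
    """MAC over exactly what was offered and what was chosen."""
    msg = ",".join(offer).encode() + b"|" + chosen.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def handshake(key, client_versions, server_versions, tamper=None):
    """Run one negotiation; `tamper` models an in-transit edit of the offer."""
    sent = tuple(client_versions)
    received = tuple(tamper(sent)) if tamper else sent
    chosen = choose(received, server_versions)
    # The server authenticates the offer it saw together with its choice.
    server_tag = transcript_mac(key, received, chosen)
    # The client recomputes the MAC over the offer it actually sent.
    if not hmac.compare_digest(server_tag, transcript_mac(key, sent, chosen)):
        raise ConnectionError("offer was modified in transit; aborting")
    return chosen
```

Retiring a broken version means shipping software with a shorter `SUPPORTED` tuple; the user is never asked to choose.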

You’re welcome

Today is the 11th Annual System Administrator Appreciation Day. Make some time and go thank your system administrator. It will buy you 364 days of less BOFHiness and non-grumpy support. It will actually show your system administrator that his unpaid overtime and weekends in the terminal room are really worth the effort.

Not only is System Administration a thankless job, it is also considered an unneeded burden, a low profile and accordingly paid service. There are even people under the illusion that cloud computing will make system administration obsolete. For them I paraphrase what Bob Lucky wrote in May 1998: System Administration will be in danger of shrinking into a neutron star of infinite weight and importance, but invisible to the known universe. Do you really want to make a handful of us that important for you?

Who do you think is going to administer the Cloud? A system administrator. And, again to paraphrase Bob Lucky from the same article, that System Administrator will be extremely well paid, and his or her every demand will be immediately satisfied. That engineer will be the last keeper of the secret of the (cloud) universe: The Root Password.

To those who really do not see it, the Cloud does not make System Administration obsolete. It only changes the way it is practiced. There are Systems built on and into the Cloud that need administration. What the developers of those systems do not see, is themselves becoming the system administrators of the systems (with increasing complexity and dependencies that) they build.

Go and thank your system administrator today. Really do. He does provide you with at least an above the average service. For if he does not, you cannot even begin to do your job, no matter how important (or urgent) you think it is.

You’re welcome.

Cybersyn

I first read about Cybersyn in this blog post by Mike Trick. It is a telecommunications network that the Allende government set up in Chile using telex machines (which it found lying unused from the previous government). The project manager was Stafford Beer (a pioneer of Operations Research who believed in combining cybernetics and management). The project ran from 1970 until the 1973 coup.

As the Guardian article also shows, the project's greatest success came during the 1972 strike, with 50000 truckers blocking roads:

Food and fuel supplies threatened to run out. Then the government realised that Cybersyn offered a way of outflanking the strikers. The telexes could be used to obtain intelligence about where scarcities were worst, and where people were still working who could alleviate them. The control rooms in Santiago were staffed day and night. People slept in them – even government ministers. “The rooms came alive in the most extraordinary way,” says Espejo. “We felt that we were in the centre of the universe.” The strike failed to bring down Allende.

Does this remind you of anything? Cybersyn and 200 trucks managed to pull through, in any case. In our own case the trucks and tankers are being requisitioned, but I hear that it is not easy to check whether the requisition will be complied with, as there is no suitable mechanism (I don't know, this impression may be wrong).

Until MIT Press publishes “Cybernetic Socialism”, which will describe the history of Cybersyn, it might be useful for someone to translate the parts of its documentation that are in Spanish.

We might even learn something.

Update: A detailed blog post about Cybersyn.

GPS info

Today I needed to go to a hospital whose location I did not know. It had a website and I found the address. Oddly, although the nuvi had the street, it did not have the first 100 numbers of the street.

Wouldn't it be a good idea if hospitals and other public buildings (town halls, for example) listed their GPS location on their contact page, in addition to the street address? The maps one has on a GPS get old, streets change names, direction and numbering, web sites do not get updated, but the coordinates stay fixed.

BeBook Mini: After the first book

A few months ago I decided to get an eBook reader. Based on an article by Peter Viscarola in NT Insider and on this post by Kostas, I was torn between a BeBook and a Cybook. In addition, I did not want to spend more than €300 on the eBook reader and accessories. I ended up with the BeBook Mini (with a 5″ screen). Reader + one 2G SD card ~ €260. What follows are thoughts on the reader after finishing the first book on it.

  • You can skip the Greek manual.
  • The BeBook comes loaded with some books (30 in Greek) from Project Gutenberg and with 8 books from Kastaniotis.
  • ePaper rocks! I am absolutely thrilled with the display.
  • It withstands drops. A lady on the bus knocked it by accident, it landed on its screen and nothing happened to it.
  • It is not for all PDFs, or at least not for most of the ones that interest me (which have two columns, symbols and figures). On the other hand, if the eBook is made for these devices, it is extremely readable and one does not need to resort to zoom or rotation in order to read it.
  • If one wants a general purpose PDF reader, one should buy an iPad. I conclude that the ideal dimensions for such a device are close to those of A4 or US Letter. Anything else means the user is making compromises.
  • The BeBook Mini works flawlessly with Adobe Digital Editions. It is also visible as an external hard disk.
  • It gives you the choice of opening PDFs with either Acrobat Reader or XPDF, but sometimes switching from one to the other is not obvious.
  • I wonder, since everyone who makes eBook readers ships them with some books from Gutenberg, whether they also make donations to it.
  • The device also has an MP3 player and text-to-speech capability. I have not tried them.
  • With the battery lasting 7000 page “turns”, there is no need to carry a charger on holiday.
  • Dialogue between colleagues at work: “It's nice. Does it run Debian?”, “No man, it runs Acrobat Reader”. To be fair, it runs Linux 2.6.21.7.
  • It is extremely easy to operate.

Until some tablet comes out that runs Android and offers a subscription service to Google Books (including those that are “closed”, wishful thinking), it is a perfectly good choice for reading on the bus.

Update #1: Steve Bellovin puts it just fine.

Update #2: Introducing Google eBooks: more than 3 million titles from your choice of booksellers & devices http://goo.gl/iEdK1

/* Now reading: Conquest in Cyberspace */

The Principles of Scientific Management

I was intrigued to read “The Principles of Scientific Management” after reading Gene Woolsey’s “Real World Operations Research” and Bob Emiliani’s “Lean behaviors” [in PDF]. I read the eBook version from eBooks.com (only to find out later that it is also available online at least here and here).

The book is old and it shows. The first part of the book, which focuses on the basic principles of scientific management, is highly interesting and sometimes makes one wonder why we are not taught such stuff:

  • Develop methods based on scientific study for each element of a man’s work, which will replace the old rule-of-thumb methods.
  • Scientifically select and then train, teach, and develop the workmen, whereas in the past they chose their own work and trained themselves as best they could.
  • Cooperate with the men so as to insure all of the work being done in accordance with the principles of the methods which have been developed.
  • There is an almost equal division of the work and the responsibility between the management and the workmen so that the managers apply scientific management principles to planning the work and the workers actually perform the tasks.

The second part though (examples of applications of scientific management by the author and his colleagues) is a little bit boring since its domain (handling pig iron) is way out of my interests. The Wikipedia page on Scientific Management includes heavy criticism on its application (which is not unfair). However, the author warns that it [scientific management] is a process that takes a long time to install and one should not try to implement it faster. Both Woolsey in his papers collection and Emiliani note that a lot of people have not totally understood the methods and this results in the criticism. Emiliani in particular notes that the managers’ need for short-term results undermines the whole set of ideas and leads to their misapplication.

All in all, it was not a waste of (bus) time, but if anyone is interested in such stuff, I would recommend they spend their time reading “Lean Behaviors”. More current, easier to read and to the point with regard to Taylor’s ideas (I always carry a printed copy of it in my bag).