September 28, 2011

Basic Human Decency

Most mornings, on my way into the office, I stop at a McDonald's a few steps from the metro stop in Chinatown for a McCafe Mocha Frappe'. It's cheaper than Starbucks, and as long as I tell them to blend it a little extra, it's a fine drink. The machine doesn't blend the ice well enough on the timed setting it has for the blend cycle, so if you get one, I recommend you ask for them to blend it a little extra. This morning, as I was grabbing a straw, I noticed a customer behind me in a wheelchair (one of those automated ones that look halfway between a scooter and a wheelchair - with a motor in the back like you see in stores such as Walmart, but without the shopping cart attached to the front.) A graying middle-aged man with a beard sat in the chair, a bit overweight and with a dour expression on his face; he had placed his order just after mine. As I was extracting the straw from its paper sheath, I overheard the server apologize to him for some slight, "I'm sorry, sir." With a testy voice and a loud huff, the asshole in the wheelchair exclaimed "I'm sorry - those words mean nothing!"

A rage ignited in my heart in that instance. How dare this bastard ruin the day of that minimum wage employee! For the simple error of either forgetting to include a condiment, or perhaps the dastardly mistake of not placing the customer's order close enough on the counter for him to reach it, the spirit and soul of the server was to be crushed by harsh and blackened poisonous cynicism! What cruel and callous commentary spewed forth from the dark heart of someone who was perhaps having a black life and a bad morning, etching its venomous attitude on a potential carrier of such a bad temperament. The rider drove off into the morning, and no one, not even I, rooted by the temporary paralysis of shocking revelation, stopped him to counsel him in common courtesy or given him a lesson in basic human decency.

By the time I exited the establishment, the foul-mouthed fiend had ridden off perhaps two tenths of a mile in the direction opposite from my own destination, and I chose not to pursue. However, I know that I, and others present for his display of discontent, will have been affected today by his disgusting display of dissension. I can only hope that it did not infect the server so that it could perpetuate throughout the day and bring down the spirits of others he may run into.

August 14, 2011

Returned from vacation

We've just gotten back from Orlando, where we spent a week.  We visited Epcot, Magic Kingdom, Universal Studios and Islands of Adventure.  We also saw The Blue Man Group and went to Wonderworks in Orlando.  We have a timeshare, so we traded for the resort, and it was pretty nice with a king-sized bed and a jacuzzi (which my feet welcomed after walking through parks all day).  While it was hot and rainy two of the days, there was no great downpour that prevented us from doing anything specifically.  Umbrellas were probably the wisest thing we packed, both for the sun and the rain.  I don't know why we always end up in Florida in the summer - probably because of the prices.

Some advice for anyone going to the area.  Avoid the ticket booths on the side of the road.  Even those that say they have official tickets.  A) You're lucky if they have any tickets and B) They won't tell you the caveats until they've already run your credit card.  A quick rebate and a wasted hour and a half and we just went to the parks.  All told, I may have saved $50, but I would have had to rework my schedule and deal with people I'd rather not.  And who knows if the tickets would even have gotten me in the gates.  Anyhow, lesson learned - My time is worth more than a 15% discount.

Took some pictures - once the house painters are out, I'll be able to download and catalog them.  For right now, I'm stuck at a library computer for Internet access (or my iPad).  Vacation was good and got me to relax quite a bit, but now that I'm back, things are as frazzled as ever.  House painters have moved all of my furniture to the middle of the rooms to paint, and we've disconnected everything in the house.  My dog is stressed out with all of the activity, but at least we're back to soothe his nerves.

August 03, 2011

House Wanted

We're currently in the market for a house in the Northern Virginia area, and we've been looking for quite a while. We have some criteria that, at first blush, might not seem so difficult to meet, but, when taken in aggregate, seem to be impossible. The majority of homes in the area are Colonial in style, with 4 bedrooms, formal living and dining rooms and little room between the home and the neighbor. All of these things are negatives that we have to work against as we look at houses.

As you drive up to the house, you should see a stone or bright-colored brick front home, with a 2 car garage that you enter to the side of the home. The driveway should continue on in a circle around in front of the home. A courtyard driveway to the front of the house (side loaded) is also desirable.

When you walk in, there should be a foyer with a presentable staircase (winding would be best) and upstairs wood railing to look down onto the foyer. A large chandelier should hang in the arched window above the front door.

The hallway to the kitchen and family room should be wide and open. The home should never feel claustrophobic.

We would like a home that has a huge master bedroom with a sitting area between the hallway and the bedroom. A large walk-in closet should also be present, with room enough for a sitting bench or dresser table in the middle of the closet. The bathroom needs to have a large enough shower for a grown man to be able to towel off in (dual-opposing-shower heads preferred).

There should be a library/study off of the family room, with room for a minimum of a desk and 5 bookcases, with room to walk around.

Update: We've found the home - this was a draft rant that I never published..and my thoughts here are incomplete.  The rant was to continue on to discuss the lack of need for formal living and dining areas and how the flow of life has changed from the 1800s to today and how modern architecture seems unable to keep up with our changing lifestyles.  Of course, now that the passion has worn off - less important to rant on about it all.

Internet Access as a Commodity

There are a couple of points of disagreements between consumers and Internet Service Providers, and some of these issues are easily resolved, while others become contentious due to their interrelation to the other issues.  The big three are:

1. Bandwidth metering - lack of available consumer tools to measure bandwidth used (even while bandwidth is being measured by the ISP, this information is not available to the end-user.)  Metering is an important aspect for any utility.  Just look at water, electric and natural gas which are also piped in to our homes.  Connectivity should be treated as a commodity, just as these physical commodities are metered, so should our digital service.

2. Bandwidth caps - As the world has moved from point-to-point communications paths to packet-switched communications, the congestion caused by overselling of downstream connectivity causes a battle between the consumer and the service provider.  This is similar to infrastructure engineering in other industries, such as water and electrical companies, where the available resources are not there to provide 100% service to all customers at the same time.  If every person in New York City decided to flush their toilets at exactly the same time, the load on the city's water and sewage infrastructures could cause some serious issues.  The same problem exists in the digital world.  The pipes that come into our homes today are capable of incredible speeds, but the expectation of usage of that digital pipe is a fraction of its capacity during normal usage.  The up-channel piping also isn't big enough to carry the load.

However, there is an important difference when it comes to Internet service.  In a physical commodity space, the physical infrastructure will break if it overflows.  Pipes can burst, mountings can come undone, electrical conduits can heat up or blow up and gas pressure can cause serious damage to the system.  On the Internet, the excess traffic can merely be dumped on the floor.  That's something you just can't do with raw sewage, but in a digital world, the network traffic will disappear.  In fact, the Internet infrastructure is DESIGNED with this flexibility in mind.  From the routers (and QOS settings in the packets) to the protocols themselves (TCP retries when traffic gets lost, ICMP messages, and so on), the Internet is designed for overflow and failure.  The service providers have the capability and should have the know how to be able to control bandwidth in such a way that everyone gets their fair share of it, even when the overflow is occurring.

Example: Clients A and B both have a 10Mb/s pipe and ISP has a 15Mb/s uplink.  Client A uses his connection all of the time, while Client B only uses it on occasion.  The ISP has the capability to begin marking Client A's traffic once he has reached some set limit of traffic, perhaps 100GB for the month.  Now, Client A and Client B both attempt to transfer a movie at the end of the month.  Because Client A's traffic is marked, when the uplink needs to determine whose traffic has a priority, Client B's traffic has a better chance of getting through.  The pipe still services both Clients, but Client A finds more of his traffic being dumped on the ground due to his usage for the month having marked him as a hog.  At full capacity, Client A is still going to receive 5Mb/s service.  The speed downgrade will only be as long as Client B is using his full pipe.

In summary, bandwidth caps are a tool, and should not be absolutes for customers.  ISPs don't have to pay extra for each bit they transmit to the central routers.  They pay for certain uplink speeds, whether they fill their pipes or not.  The tools exist to ensure that each client gets a fair shot at that bandwidth, and with competition, the free market should ensure that they don't undersubscribe too greatly.  Bandwidth caps to consumers should be expressed as the point where their service may be downgraded as necessary.  Users should be taught to understand the limitations of the Internet and uplink oversubscription and this is a good tool for that education.  Coupled with bandwidth metering, they can monitor the level of service they receive and understand why it gracefully downgrades with overuse.

3. Net Neutrality - Inexorably linked to issue #2 is the result of engineering choices when it comes to managing the  oversale of network bandwidth.  The ISPs have, in the past, decided that because the consumers who are most likely to use the most resources are using them for nefarious purposes that they can control oversold bandwidth by cutting out anything they think is nefarious.  Unfortunately, this captures the innocent in their nets.  As an example, P2P mechanisms are used by pirates to transfer and share files on the Internet.  Those same protocols are in use by game companies to distribute patches to their millions of users. It is near impossible for the ISPs to constantly be aware of which P2P connections are being used for lawful vs. unlawful purpose.  In attempts to control the unlawful behavior, it is too easy for them to cut off harmless transmissions and degrade the very service they are trying to enhance.

Making decisions on what traffic to pass and what traffic not to pass gets the ISP into the liability game.  Should they put a restriction on traffic you're using to drive a heart monitor, for example, when it looks like you're hacking into a medical center, would be a potentially disastrous action.  ISP's should be able to avoid liability altogether by ignoring the flavor of the traffic that they provide.  Each and every packet delivered from and to their customers should be treated equally, provided the user is behaving in agreement with their Terms of Service.

There is one exception to this filtering that I believe to be important.  IP Protocols have a source and destination address.  I believe there to be both a need and a responsibility to the community that source addresses be verified as coming from a subscribed connection (i.e. If I am an IP provider, I should be checking to ensure that the source address of IP traffic coming from your connection is actually advertising as being sourced by the address I have assigned to you).  I would love to hear argument or commentary that argues against this, but IMHO ingress filtering is a long overdue and necessary component to keeping the Internet safe from the 'bad guys'.

Common Sense - 2011 [Historical Perspective]

It is expected that people who enter into political discourse have at least a working knowledge of the political history of this nation.  Unfortunately, failure to have this adequate understanding can lead to false assumptions and blatant misunderstandings.  I would like to make an attempt to right this wrong by attempting to bring some common sense ideas back into the domain of political discourse.  In order to do this, it is necessary to begin with a historical perspective.  After discussing and MODIFYING this historical perspective based upon inputs and suggestions from others [I am no history teacher!], this perspective will be used as the basis for a common sense discussion of modern political ideas.  Your contribution/comments are expressly requested.


The ideas upon which our great country were founded are simple; so simple as to be summed and expressed in the ideas inscribed upon a few pieces of parchment.  The first of these was delivered to the oppressive government of England.

In the Declaration of Independence, the rebels and founders of our nation declared that governments are meant to serve the needs of the people, not the reverse.  As all people are equal and all people are granted natural rights by virtue of their birth, when the governments (although these people may have designed them) usurp the safety and security of those whom they govern it is the right and responsibility of those same people to throw off that government and create a new governance.  This paper then goes on to list the oppressive behavior of the government of the time and its behavior found abhorrent to the people of the colonies.  At the end of this long list, they declare that they are exercising that right and responsibility to throw off the current governance in order to create their own.

Important Concepts here:

  • People have natural rights by virtue of their existence.
  • People create the government to ensure their own safety and security.
  • People have the right to change their government when they're not happy with it.
  • The United States was FOUNDED upon these principles and is key to what our nation is.

And then, my friends, was established the government that America forgot.  Well, most of America.  You see, George Washington was not the first President of the United States.  He was the first President of the nation that was created under the Constitution, a restructuring of our government that took place in 1787, 11 years after we had shrugged off the bonds of English rule.  John Hanson, unanimously elected to the role of President under the Articles of Confederation, was our first President in 1781.  The Articles were proposed in 1776, but was not ratified until 5 years hence (and you thought the debt ceiling debate took too long...).  You see, the Articles of Confederation created a government that didn't work for the United States.  Too much power was granted to the states, and there wasn't enough unity to hold the country together.  Modern America seems to forget that the creation of a perfect government is impossible, and that it is necessary to upset the apple cart to pick a new crop every now and again.

Important Concepts here:

  • There is much more to the historical perspective of our government than most people realize or remember.
  • The United States began with a government that didn't work, and it was discarded.
  • The United States exercised the same right to rediscovery on its OWN government soon after its creation.

For the past 225 years, the Constitution of the United States has served us well.  The structure of this document allows for a flexibility that has enabled us to keep up with modern philosophical thought and to extend the government to encapsulate our spiritual and intellectual knowledge.  'All men' has grown to mean 'all adults' of all races and creed and the practice of slavery was abolished.  Voting rights were extended to the entire populace rather than the wealthy land-owners, and we had a grand experiment and failure in trying to impose a restriction on alcohol.  These are amendments that we all remember, but there are more that we do not keep in mind.  Indeed, the very Constitution itself has some very exciting clauses that are also lost to time.  For example, while many people understand that interstate commerce is not taxable, they may not realize that this is a constitutional construct (Article I, Section 10).  Also lost to time is that the state legislatures may request amendment of the Constitution, without the need for involvement of the Congress itself (Article V).

Important Concepts here:

  • The structure of the Constitution is such that it permits and welcomes change.
  • The writers of the Constitution included language that allow for the collective state governments to change it.
  • The realization that governmental change is needed is core to the formation of this government and is KEY to its survival over the years, as demonstrated through the change we've undergone.
  • The state governments have a say in how the federal government is constructed and run.
In addition to understanding the historical perspective and role of the overall federal government, it is also important that those involved in the discourse of Common Sense actually share in some 'common sense' beliefs.  In my next post, "Common Sense - 2011 [Spiritual and Intellectual Requirements]" I hope to examine a common ground upon which most centrist thinkers should be able to stand.

July 14, 2011

Format matters

Just a thought.  The format that you present something in really matters.  This occurred to me as I was thinking about the Seth and Amy skit "Really?" that they performed on Saturday Night Live as part of the News skit.  This is a joke that's funny for about a second.  Unfortunately, they perform it for longer, and it's just [really!] annoying.

Maybe that's supposed to be the joke - if so - just call me old cuz I don't 'get' it.

June 28, 2011

Life is too short and so are 24-hour days.

I have looked into modified sleep schedules, purportedly used by DaVinci and other historical greats, with the desire to make more of my awaken time by making more of it. Modified sleep schedules supposedly allow the practitioner to get by on 3-4 total hours of sleep per day, by modifying the sleep cycles into multiple small power naps throughout the day. Of course, this plays havoc with anyone with a regular job, since scheduling meetings and other activities have to be taken into account, and with less sleep, more rigor is needed to ensure you get it.

I have yet to find any compelling evidence that suggests that any of these sleep schedules can be adhered to or that they increase productivity. I do know that by the time I am done for the day about 10PM, I am usually DONE for the day. My thought processes are mush, and I actually fall asleep at the keyboard while trying to get in just a few more emails or online posts. This could be due to a number of factors, including being slightly overweight and my age, but I can't help wondering just how productive I would be with even MORE sleep debt than I already carry. I'm getting about 6.5 hours a night now during the week. The modified schedules are supposed to help by allowing the body to deal with the sleep deprivation more often, though.

There's just not enough hours in the day to deal with all of the things I've taken on, but there's even more things I'd like to do. I can't remember the last time I had an hour to devote to piano practice, for example. Cutting down on my hobbies is something I have battled my whole life. It's part of why I'm halfway good at a good many things, rather than expert at any one thing. Whether it's an inability to focus, or just the absence of a desire to do so, is a question I should likely be asking a psychologist to evaluate.

As you get older, though, your responsibilities weigh on you as more pile on over time, and they seem heavier, even though you're the one who's changed. We keep thinking that financial independence is the key to relieving the pressure, but even my retired mother has yet to actually stop working, so that doesn't seem to be the answer.

Well, if you've got the answer, let me know..I'll be here, trying a few dozen new things before I fall asleep at my desk...

- Posted using BlogPress from my iPad

June 27, 2011

DC Commuting - The Slug's Perspective.

6:28, I'm sitting in the back of someone's two-seater, heading for DC on I-395N in the HOV lane. I left my house about fifteen minutes ago, and drove 2 miles to a local commuter lot. After standing in line, I got in the first car that called out my destination. I've never met the driver, and we won't speak the whole way in. She's got some kind of religious radio station on that I'm steadfastly ignoring as I type on the iPad. Today, I forgot my earbuds, so no music is being piped into my ears.

6:33, just getting into Shirlington now, most of the way to the Pentagon, probably the most traveled destination in DC during the morning rush, at least for sluggers like myself. Once I get dropped off there, I'll grab a metro train to get to work. Today, I should arrive on time at 7A.

With the addition of the iPad to my commute, I feel almost like I'm being chauffeured to work. I've been commuting this way for more than 19 years, from various points south, and I have never had a problem getting to or from work. It's been a good time to sleep or read, listen to music, etc.

6:39, pulled into the Pentagon parking lot - assuredly much faster than if I'd driven it myself, and I won't be paying for parking or the ride. Riding to work this way saves me gas, parking and headaches. When traffic does back up, infrequently on the HOV lanes, I just take the time to doze off as the driver deals with the stress of the road. I easily save $200 or more a month on gas and parking fees.

6:52 Metro car pulls into my station downtown. I grab my umbrella and my lunch and head the two blocks to my office... A little exercise to get my blood pumping...

- Posted using BlogPress from my iPad

June 25, 2011

Marine Corp Museum

An interesting day visit outside of Washington DC is The Marine Corp museum in Quantico, VA. If you happen to be in the area and have the opportunity, it's a great museum for those interested in Marine Corp history. Directly across from the Quantico Marine Base off off Route 1, access from I-95 is a simple exit and very short drive. The museum is free to access and plenty big for a few hours visit, with plenty of OO-rah merchandise in the store. Lots of photo opportunities, and classes of Marine officer trainees are fun to watch unload onto buses when they visit...we just drove past the museum and I remember my few trips there.

- Posted using BlogPress from my iPad

Location:Jefferson Davis Hwy,Quantico,United States

June 10, 2011

The Thought Police

Have the Thought Police arrived? I give you as food for thought - this article regarding the arrest of 'members of the group Anonymous'. I am fairly certain that Anonymous is not a 'group' in the sense of the term that is normally used when referring to other infamous groups, such as 'the mafia', 'the Yakuza', 'the Senate' [see what I did there?]. Membership in the group 'Anonymous' as I understand it is open to anyone who is of similar thought. The group has no leader, and activity is normally sponsored by factions within, where consensus is what brings force to bear, with minimal planning and coordination. People who participate use the masks of Guy Fawkes - as dramatized by the movie 'V' as being a way for the general populace to show support for the actions of a leading antagonist. If the participants of the general populace merely demonstrate support for a thought or action, are they then liable the same way that they would be liable through conspiratorial conduct?

Have we come full circle in democracy to fighting the will of the people against the establishment, punishing those who show support for anti-establishment activities, legal or illegal? If you cheer 'the villain', are you now a member of a conspiracy? In the United States, will we use the RICO act to prosecute you for flaunting your agreement by wearing the mark of the criminal even if your actions are not illegal?

Unless the parties that were arrested are guilty of committing actual crimes, their arrest merely for being member of the group 'Anonymous' would entail the police having acted to curtail the showing of support for their ideas....The article does not give enough details, and is certainly slanted to lead the belief that Spain has arrested people merely for their stance. Even the image suggests only that those arrested wore Guy Fawkes masks - hardly a crime in any civilized country...

May 30, 2011

Fisher Random Chess

Over the weekend, I've had the opportunity to play a lot of online chess, and many of those games are still ongoing. I've been fortunate to win 12 out of 12 of my first games, but know that my streak will end soon. I have had great fun playing these particular games, because they are of a strain known as Fisher Random Chess or Chess960. The pieces on the back row are randomly placed (ensuring only that there is one bishop of each color). It appears that many of my opponents were caught off guard by the games, as comments bear out. However, it is spelled out in the game invites, so it's not like I was hiding anything from them. I play over at, which is also reachable through Facebook. If you'd like to play a game, send a challenge over to rgautier.
What I really enjoyed about these games is the absence of preplanned openings. The games are extremely tactical in nature, and the spirit of the fight is well preserved in this version of the game. You are on your guard from the first move, and find yourself constantly searching for the kill. The games are exciting with plenty of gotchas waiting around the corner. Focus too much on strategic movement and the quick tactic will take you out quickly. If you play chess and you haven't played this variation of the game, I strongly urge you to try it. And if you have an iPod or iPhone or iPad, download the free app from and invite me to a game. I'd love to play you.

May 20, 2011

Success and the CEO

There are some corporations in the world that are destined for success. Others flounder to even make a dent. What makes the difference between these companies? Is it their products, their opportunities, or their personality?

The CEO of an organization is CRITICAL in establishing the personality of a company. It is this personality that makes all of the difference in how the company acts, whether the company succeeds, and whether the company is a star. And that personality is usually linked to what job the CEO is doing (no, not how good of a job...WHICH job).

Let's take some examples for discussion:

Apple Corp - Steve Jobs is primarily a usability tester and product visionary. Think about what Apple is...the results of user-focused device development.

Facebook - a company with thousands of function points and in constant growth...the product of the fanatical software developer that leads it - Mark Zuckerberg

Microsoft - what it used to be vs what it is now - great example of a company that used to be driven by madman software developer Bill Gates. Now being driven (to its grave?) by Steve Ballmer - no longer focused on generating software to meet business needs - now focused on what? Ray Ozzie is probably asking that question as he reinvents himself. Exactly - you have no idea, because neither do they. Steve seems more worried about being the consultant than what kind of company they are.

IBM - Stuffy and exacting - definitely a company led by college-trained engineers.. Too bad that's not what the general population wants or needs or they'd have a more complete market share. With open source biting into their marketshare more and more every day, they're turning into consultants rather than tech leadership...just like MS.

May 05, 2011

Draft Position: Is Possession 9/10ths of the Law?

I have had debates with friends before about 'Who owns your data?' I would like to think it out and document my own position here (in my blog). The position leads from the hypothetical situation wherein a user (you) uses a shared public infrastructure (the Internet) to communicate with an associate. The question is whether the government has the right to request that communication from the third party, whether or not they need a warrant to do so, and whether the third party has the right to release this information without your permission (or notification).

In the 'old' days, telephone companies were given something called common carrier status. Effectively, they were defined as an infrastructure that provides a common good to the governed populace, and with this definition, they received a limitation of liability for the information carried over their wires. In return, the good of the populace was protected by giving the government certain rights, including the right to judicially reviewed wiretaps. There's a lot more to the story, but one of the important tenets of this service was that the phone company disavowed any control over the communication being carried over their wires. Anyone would be permitted to call anyone else, and use that electrical connection to transmit anything they wanted as long as it fit into the provided capability of the phone line. In my opinion, the giving of common carrier status effectively made the information that was carried over the Public Telephone Network (PTN) 'community property'. With the way the wiretapping laws were configured, there was a judicial process for law enforcement to gain access to the community property in order to protect the common good. In the end, everybody wins.

In the old telephone networks (at least prior to Electronic Switching Systems [ESS]), when you were connected to the party to whom you were speaking, you had a direct connected wave channel from your equipment to their equipment. Analog switching gear channeled and/or amplified the energy waves created by your microphone and delivered it out the other end to a speaker on the other end of the transmission. Transmission of this energy wave was not stored to be forwarded later. Equipment in between had no memory of your communication and, unless your line was tapped, could not reproduce the transmission. ESS changed this by digitizing communications between parties so that it could be digitally multiplexed with time, but the 'store and forward' in ESS was effectively nanoseconds of storage. While this may have offered technical challenges or even eased the mechanism by which wiretapping was done, it wasn't enough of a difference to say that any line was crossed.

Enter 'the Internet' - The Internet is more than a 'series of tubes'. It is a complex inter-relationship between millions of pieces of computer equipment over publicly and privately funded switched networks. The very way in which these networks operate provide a fundamental difference in the way they connect from the old PTN. One of the most basic changes is that the communications between two endpoints is not 'immediate'. Packets are stored and forwarded all along the communications path for a variety of purposes, such as routing, multiplexing and even at layers above the individual sessions (news servers, email servers, etc) we store more than just packets. Where previously all communications took place in singular sessions between parties, now communications involve multiple channels of connectivity, and even more store and forward of whole sessions and data sets from multiple sessions. Obviously, the rules have to change to meet this new architecture.

Because users don't normally think about the difference between, say, email and a telephone conversation, it is easy enough for them to have an opinion that these should both be treated similarly. After all, they are both a 'private chat' with a colleague, right? While that opinion may be far flung, as a technical user I must disagree with it. The email systems that most people utilize involve a store and forward mechanism in which we place our private thoughts in electronic form, and then deliver them, along with some addressing information, to a third party - normally a for-profit business, but your email may vary depending on who you work for and how you get email services. The email is not (normally) wrapped in any encoding that would hide it from casual sight. If someone were to ask for an analogy, I would have to give it the analogy of a postcard, mailed through the USPS - with the exception that their Internet email service is not provided by a government agency sworn to secrecy.

Technically, any network maintenance operations that may be ongoing at your provider or troubleshooting of the system, could innocently run across your 'private communication'. And here's the rub. That email server that you've entrusted the communication to, is owned and operated by a party that has not yet been removed from liability. In fact, I believe it is legally plausible to think that if you were to transmit illegal materials over the wire (such as child pornography), the provider in question has a duty and liability requirement by law, to report the illegal materials. If they do not, they could be legally responsible for the consequences of continuing to store and deliver that material. Because of this liability, and until this liability is removed, it is my opinion that your 'private communication' is no longer private as soon as you entrust it to the provider for delivery.

Common Carrier status carried with it the lifting of liability from the telephone companies. Yet, that same status has NOT been granted to providers of electronic services, such as email, ftp, or web services. Information that is stored 'in the cloud' for any period of time to permit its transfer between two parties puts the ownership of that information clearly in the hands of the provider, and that ownership is tied to their liability for the information. But, can a company disavow liability and grant privacy to the user? Does it have to?

How much liability there is can be a grey area. Before 'the Internet', we had bulletin board systems, both corporate and private. Some famous corporate ones were Compuserve, Q-Link (later AOL), and a little company called Prodigy. Prodigy attempted to market itself as a 'family-friendly' service, and actively participated in the culling and monitoring of their bulletin board services. Each board had an active administrative staff who was responsible for monitoring and editing the content of the boards through deletion of articles they felt were not in line with their Terms of Service (TOS). This 'active participation' put the company directly in the line of fire in a libel case (Stratton Oakmont vs. Prodigy) when a user made libelous comments that were not removed by the provider. In two different cases (Cubby vs. Compuserve; Blumenthal vs. Drudge), the providers (Compuserve and AOL) were not held liable, with the main argument being that Compuserve and AOL do not actively cull content.

Does this mean that Compuserve would NOT be held liable if it found child pornography on its servers and failed to report and/or remove it? Certainly not. Active liability for all content is not the same as due care (or passive liability). Law is (or should be) based upon common sense, after all.

So this gets back to the original question - does the provider have the right to share your data with the government without your permission? With liability out of the way, let's discuss distribution rights. For store and forward communications such as email, you've delivered the content to the provider for delivery at a later time. (We should probably separate emails from packets/sessions where communication is intended to be party-party in a session [such as a web session or telnet session].) You have effectively granted your ISP some distribution rights, arguably distribution rights to the intended party, and through use of the communication channel, rights to view the communication in the course of that delivery, including standard operations and maintenance.

If the ISP is not an active participant or editing publisher (such as Prodigy or say, a republisher like The Huffington Post or Associated Press), then do you own the distribution rights or did you give those up when you transmitted the data to the ISP?

A distribution right is defined as "Exclusive right of a copyright owner to distribute copies of the original work (book, illustration, photograph, record, software, etc.) to the public by sale, lease, or rental." Let's examine your communication under the guise of copyright. According to bitlaw, distribution rights have a limitation called "first sale doctrine": "... However, the distribution right is limited by the "first sale doctrine", which states that after the first sale or distribution of a copy, the copyright holder can no longer control what happens to that copy..." When software came along, Congress had to limit this doctrine to allow the owner to control rental of computer software because of the nature of how software is used (In many cases, it involves copying the software onto the target computer for installation). Does distributing a copyrighted email to someone grant them the right to distribute however they please? If so, then without reproduction rights, they would have to ensure that the original copy of your email were deleted, and never delivered to the recipient, if it were to be delivered to, say, the government.

While I am not a lawyer, it certainly seems that there may be something to this argument that, at least by copyright laws, the provider has your permission only to deliver (AND THEN DELETE!) your email message. Of course, you entrust that they will deliver it to the intended party. However, by making secondary copies for delivery to other parties, they may be in breach of your reproductive rights under copyright. Those same rights probably extend to your 'Sent Items' folder, wherein you are the author, and copyright holder of those works. By enabling your sent items folder, you are agreeing to a single reproductive right for the limited purpose of delivery back to yourself.

So, in conclusion, I think it should be argued that while the providers have limited liability scope to report illegal activity when uncovered, they do not have the rights to distribute or copy your communications to be shared with law enforcement agencies. In fact, I might argue that a valid warrant would be necessary for them to do so without incurring responsibility and liability for damages to you. I would also argue that they do not have the rights to give up the information that is being seized without deleting their copies of the materials without being liable for reproductive rights of materials they do not own.

Interestingly, when I began this discussion with myself, I probably swung the other way in my opinion. I'd be very interested in arguments for and against this position. Feel free to share it (and link to it) with others.

May 01, 2011

Next Up for the Mac - Fixing the Mouse

Ok - the next thing to do with the Mac Mini - fix the damned mouse acceleration. The default mouse sensitivity for Snow Leopard is 'dog slow' - and the Mac Os X Settings panel doesn't let you adjust the sensitivity. I was getting hand cramps trying to move the mouse where I wanted, even with the mouse speed set to very high settings. So I did a little research and ended up with a program called USB-Overdrive. If you're going to get a mac and you have a mouse from the last two decades, you're going to want this program to adjust your sensitivity. I have it adjusted so well that yesterday I sat down at the machine, and actually forgot I was using the Mac while web browsing.

On the XCode front - I still haven't dedicated the effort I should into learning it all like I should. I've been distracted by other things. I downloaded a program from the App Store called Art Text 2 Lite which I used to make some icons for 'Chess Rep' - my target application for the iPad. I also played with the .xib file tool a little bit and compiled some test apps and ran them to get a feel for XCode, although I still haven't delved into the actual code.

April 28, 2011

More on the Mac Mini

Ok, Flash is a dog on this mini - it probably has a lot to do with it being a memory hog for the app I'm running (Cityville, yo!) - and the fact that the mini I got came with 2GB of memory - so off to order more memory - $78 later and I've got 8GB of RAM on order. It looks like Apple made the memory super easy to upgrade in the latest mini - just rotate and pop off the underside of the mini and slot in the RAM - older models look like they were designed to be NOT upgraded.

Also installed another app from the App Store - Trillian - logged in and all my IM accounts came over without a hitch. XCode 4 finished installing last night and I walked through the HelloWorld example (although I was kind of tired so I'll do that again tonight as well as look at building my first iPad app with it).

God, this monitor is huge - I really had no concept of just how big a 24" screen is - but truly, sitting this close on my desk this screen fills up my field of vision quite readily, and then some.

April 27, 2011

The Mac Adventure - installing XCode

Ok, so the XCode installation package was on the DVD under Optional Installs - installing it now but I also expect to have to upgrade it on first run. Need to figure out how to download the iPad SDK to get started without having to pay for the iOS Developer package - will pay when I'm ready to test my first app on-device. Hrm, XCode started up - going to walk through the Tutorial for workflow now.

Also, changed the damn mouse speed - This monitor is fucking HUGE when you're scrolling across it. I have a 24" 1920x1080 HDMI monitor I got for $160 at Best Buy (another open box - never buy anything new if you don't have to - saved $30 and it has maybe 2 rub/scratches in the finish that I'll never see without looking for them)

XCode appears to be version 3.2 - not only out of date for the 3.x line - but version 4 is also out - downloading and installing from the App Store now - paid the $4.99 for the new version - but it's taking its good sweet time - I understand it to be several GB in size - so this could indeed take a while. Main complaint of people is that the whole thing has to be downloaded every update and that it's a slow download. That's something Apple needs to fix. There should be some patch download capability - and maybe even some P2P - I have a pretty fast connection and it's crawling.. At this rate, I won't be up and coding tonight unless I want to use the older version already installed.

The Mac adventure - continued

Using Safari just now - realized suddenly that there were no tabs button - how the hell do you open another tab? A quick Google search shows me just where to go - whatever did we do before the hive-mind that is the indexed Internet?

Just tried to pay my Gas bill at Washington Gas's online service center - a nobrainer for all browsers on the Windows framework - but apparently Mac users are left out in the cold - downloading Chrome for Mac now....

Day...saved. Paid my gas bill with my mac - was booting up the PC just in case I didn't get it working, but I'm going to shut it off again - try to stay committed.

Silly developer - just found the system settings staring me in the face on the bottom task bar right next to where Chrome stuck its' shortcut. The display settings were right there. Yes, it will take a while to get used to all of this. Next question, do I buy xCode for 4.99 or do I go ahead and bite the bullet for the $99 iOS developer package? Probably going to bite the bullet - amazing what tax return cash does to your financial sensibilities.

Stupid 'End' button on the keyboard doesn't..Mac issue or keyboard issue? As a keyboard junkie - that's going to be ANNOYING!

The adventures of a new Mac user - Part I

Today, I purchased on open-box Mac Mini. I have never owned a Mac. I am, however, an experienced computer user. I have used, at one time or another, many operating systems from the Timex Sinclair and the TRS-80's OS to the Windows and Linux(es) of today. So, I am unafraid of different experiences. And for one use case that has been itching in my mind, I need a Mac to do it right. That use case, my friends, is iPad development.

Now, it has been a long time since I have really slung code. My last real coding (aside from some VB automation inside Office) was C code development for a MUD (one of those text games that no one plays anymore, but a few sick and devoted people still play). [FoxMUD if you care to check it out.] Any-who - the development itch is one that never really goes away, and in my current role as Enterprise Architect, I don't get to do much coding. I'm more concerned with processes, products, alignments to reference models and trying to make sure I stay ahead of the customer in the daily fire drill. So, last night I watched "The Social Network" and the itch started up again - poor Mark Zuckerberg - so misunderstood. To hell with being rich - it's not the money - it's the idea of doing something REALLY FUCKING COOL...that's what I miss about programming - doing something no one's done before with a piece of code. Introducing new capabilities in software and having the users go 'oooh, ahhh' and 'Can you make it do this....too?'

Well, as those of you who know me, know....I have a new iPad 2. And it has some apps that I like, and others I think can be improved on. And I'm impulsive...and the mac mini was on sale because it was an open box...and here I am writing this first blog post. I'm going to write about my experience changing over to the Mac OS, and my foray(s) into xCode.

So, Day 1 - Realize that the open/close window buttons are on the left, not the right. Also, pushing the red 'X' doesn't actually QUIT the application - had to restart Safari to install Flash (GOTTA HAVE MY CITYVILLE FIX) and closing it/opening it didn't work after installing the plug-in.

Am using a two-button/scrolling mouse - my favorite one - don't judge - Apple purists will tell me that it's a crutch - but I still have to use two-button mice all day long, so this will ease the transition - besides - this way I don't have to buy a second mouse - I just reuse what I've got for my laptop.

After installing Safari, was suffering from seizures due to the monitor flicker - looked up in Help how to change Display Settings - STILL have no idea how to get to Displays preferences through any normal means - because I just opened it straight from the Help - have seen this in Windows Vista help too - and I thank whoever invented the Application shortcuts built into help files....changed monitor to 1080p instead of 1080i and flicker is GRATEFULLY gone.

Next step will be to fully register for Apple Developer and get xCode....will blog later.

It's Behind a Firewall

Between my neighbor's house and mine is a firewall - an actual firewall, not a computer thing, but a wall that is designed to prevent fire from spreading from his house to mine. The wall is there to protect both of us from the cross-risk of someone having their house on fire. This is obvious by the name 'firewall'. The computer domain has taken the name of this engineering construct and uses it to describe a virtual wall used to protect one network from another. Unfortunately, it has become, to the uninitiated, a term that describes some kind of absolute security.

Just because there is a firewall between my neighbor's house and mine, I am still not free to set my house afire. I would still be liable for any damages this might cause my neighbor. Similarly, I would be remiss to install substandard electrical wiring, or (according to my HOA) have a barbecue grill that uses charcoal, rather than gas. Yet, in the parlance of computer networking, it has become vogue for some parties to address security concerns of cross-domain risk with 'It's behind a firewall, so there's no risk'. Even when the sentence is uttered without those last four words, they're usually contextually assumed.

This is just wrong. Just because you have a firewall does not mean that the system you're installing behind the firewall presents no potential risk to the Enterprise. Each and every system comes with built in risks, and not only are firewalls INTENTIONALLY porous, but they're only good at preventing very wide-ranging risk. They're of virtually no use when attacks come in through the holes you've punched in it, or when you bring the risks in with you around the side (through the back-end or through a sneaker net).

One of these days, someone is going to say 'No worries, it's behind a firewall' and I am going to physically pull out a lighter and set them on fire (ok, not really, but I'll think about it).

April 20, 2011

DropBox, Security, Encryption, FIPS 140-1 and Illusions

Lately there has been some brouhaha on the Interwebs about the lack of proper security on the DropBox application. Users are rather incensed that they were told their data was securely encrypted, only to find out later that the encryption keys themselves were store in the databases at DropBox in a recoverable manner.

One of my pet peeves is when people ask me whether a product is FIPS 140-2 compliant. The question is so specific, and means one very specific thing is implemented correctly, the algorithm that implements the AES encryption and decryption activity itself. However, the question does not touch on whether or not the implementation of that encryption is done correctly. FIPS 140-2 compliance is something I would expect any graduate programmer to be able to accomplish in an implementation of AES.

What is missing is the secure implementation and design of the product that utilizes the AES algorithm, most notably the secure implementation of the key storage. For simplicities sake, imagine that AES is a specification of lock mechanism and encasement. When you lock up your secrets in this encasement, it is protected by one thing - the key. Where do you put the key to protect it? How do you share the key with others who may need it? How do you store it in a place that you can get to it from whatever device you're accessing it from, including the web and mobile devices.

Users of Dropbox made an assumption that the security of the encryption key was secured by the password that protected their Dropbox account. I, myself, made the assumption that Dropbox uses an algorithm such as PBKDF2 to create the key to protect my files at Dropbox. Of course, there was a point that I missed - if Dropbox were to do this, my files would be unrecoverable if I ever forgot my password. And obviously, some engineer at Dropbox had figured on this as well, because Dropbox can do password resets while my data can still be recovered. And thus, the slippery slope weaknesses introduced to account for the weakness of the weakest link.....the fallibility of the user. Dropbox implemented a solution whereby they store my key for me rather than make it unrecoverable. SHOCK!! DISMAY!! There's even more to the story, because other compromises were made as well in the interest of convenience, according to other accounts I've read, including generating unique security keys for each device that allowed them to authenticate to my dropbox without even my current password. This last piece, I don't even see as 'user-convenient' because it puts the onus on the user to remember to lock out any device that they've lost control of (and they may not even know they've lost control of the device!!).

The illusion of security in products that the mainstream uses is often touted as secure and covered with all kind of marketing like 'FIPS 140-2 Compliant'!! However, the reality is that true security will always get back to the security of the key. If you want to evaluate the true security of a device or a security implementation, there's a simple checklist the consumer can ask himself when buying the device:

1. Identify the 'key' that gives you access to your stuff.
This could be a password, a 'smart card' or a SecurID token.

2. Can I store my key to allow me to access without asking me every time?
The answer needs to be NO. If your devices store your key without you having to enter it (or provide something external like a secure token), the key isn't really the key, or it's replicated in the implementation. You don't want copies of your key being stored.

3. If I lose my key, is there a mechanism for me to recover my key that does not require another, perhaps more secure, key?
The answer needs to be NO. The key needs to actually be a part of what is needed to unlock the lock. If you can lose your key but still access the data later without it, it wasn't really the key - it was a token to get your key. Key Recovery is a whole practice in and of itself. Sure, we can encrypt and store your key info - but now we need to make sure that's locked up just as tight, if not tighter than the original data.

4. Can key recovery be done without my participation (providing the more secure key)?
The answer needs to be NO!! Again, if your data can be unlocked without you providing the key or an alternate key - it's not really the key at all! It's just a laundry ticket to pick up your key.

Those four questions are a good start - and there's even more to think about for advanced users (e.g. Can the key be used on the data without the system itself?)

Don't fall for the illusion - ask yourself these questions to get a feel for how secure your 'encrypted' data is. Then ask yourself which you want, convenience or lock-it-up-and-swallow-the-key security. If history is any indication - you'll choose convenience. I may still be a DropBox user, but my truly private data is encrypted before I store it there. Let's hope I don't get Alzheimer's and lose THAT key.

April 01, 2011

There are certain foods....

There are certain foods in the American culinary lexicon that seem to defy the idea that foods are created by artistic minds, unless one considers the seedier side of the artistic world as a valid source of creation vision. As I purchase breakfast this morning, which includes a 'yogurt muffin' that I normally obtain, I stopped to think about just what yogurt is - a sort of curdled milk product (yes, I KNOW there's more to it than that). But even if that were not a strong enough case to be made that some foodies must in fact be engineers instead of artists, I am given to think of Blue Cheese dressing, foie gras and even haggis. This last one I'm sure we could argue is NOT in the American culinary lexicon at all, but is in fact only closely related by the unity of Britain and Scotland and their lingual and historical relationship to Americans. No one wants to get too close to the haggis, after all. Just a passing thought.

March 24, 2011


It is so embarrassing to sound so 'right' about something, only to find out that you are indeed wrong. I really need to bring my 'humility circuit' online more often, even in subjects I am supposedly smart on.

March 09, 2011

Matrix Screen Saver

Some days you just want a good Matrix screen saver. I downloaded three different ones to try out - and of the three, only one worked properly on my Windows 7 dual-screen monitor. It's a nice screen saver, includes some good options (like turning off after x minutes if you want, turning on/off the trace program sequence, changing speed and density of the falls), and it's free. The link to it on Download.Com is
Perhaps this will save someone a few minutes of searching and testing.

February 28, 2011

The Weekend

So, what did you do with your weekend? This weekend the wife and I went to the library - I haven't been for a while and there's a relatively new branch in the main city near me. I picked up two things - "Ender's Game" by Orson Scott Card (a friend had recommended another book by him, but they didn't have it) and a book of sheet music for songs from the 70s. I brought the sheet music home and started learning "American Pie" by Don McClean on the piano. I'm certainly no virtuoso - I'm a self-taught piano player of a few years and I'm only able to play a melody with full-chord accompaniment, but it sounds fairly good on my electronic keyboard with some creative dual-voicing. I've learned up through the first chorus by heart, and with practice I should be able to teach myself the whole song before I have to bring the book back.
We also stopped at Panera bread for scones and a smoothie while we read our books. I'm about a third through "Ender's Game" and should finish it this week. Card is a very accessible author, and so far I am thoroughly enjoying the book, aside from the incredulous level of dialogue that is supposedly coming from a six-year-old. That's my only nitpick with the book concept thus far.

February 09, 2011

Jurors take their job seriously

I had jury duty yesterday. I spent all day at the County courthouse for a trial on a charge of 'failure to stop' (at a stop sign). It was more interesting than it probably should have been, and there were plenty of takeaways to share.

1. The jurists for this case (all 7 of them) appeared to be very dedicated to getting to the bottom of the matter and ensuring they followed their instructions as closely as possible. Because the case was such a simple one, I was surprised by the level of discussions in the jury room. I expected to be one of two or three dissenters, but found myself in the majority from the outset.

2. The Prosecution needs to ensure that they do their job. In presenting their case, they need to be extremely specific about focusing on the charge at hand and ensuring they present enough evidence to erase shadows of doubt. The jury takes very seriously the 'beyond reasonable doubt' clause. In our trial, most of the jury members were very adamant that they had not heard the officer testify that they saw the defendant approach the stop sign and roll through it without stopping. This planted seeds of doubt as to whether or not she had indeed watched him fail to stop, even though it was clear she saw him stop later on. The prosecution did not dwell on setting the scene and ensuring that the officer testified as to the fact that she actually knew that she saw him NOT STOP - a very specific event. Without this specificity, the jury was left to conjecture, which meant reasonable doubt (and ultimately an acquittal).

3. "You have the right to remain silent" - No better advice can be given anyone accused of a crime. The defendant did not make it easy on himself. Deliberations took hours for the jury merely because of the defendants behavior in the courtroom, introduction of unrelated evidence, disrespect, immaturity and even introduction of his own driving record (WITH MORE THAN 5 OFFENSES ON IT!!!) into evidence. [Oh yeah, and the prosecution didn't even provide the citation as evidence, which ended up being crucial in the deliberations room].

4. If you're going to represent yourself at a trial, ensure that you've prepared a logical argument and present ONLY THAT ARGUMENT. Had the defendant followed proceedings properly and taken the stand to state only the one crucial fact (his claim that he had stopped prior to the stop sign and then again after passing through the intersection to avoid hitting something else), it would have laid the reasonable doubt without prejudice. As it is, his rambling, his attacks on the character of the officer, and his other antics in the courtroom all detracted from his credibility.

4a. Oh yeah, and if you're going to represent yourself - CALM DOWN!!! You will be given an opportunity to refute testimony and present your own facts in due time. There is a structure for approaching the situation to come to a logical conclusion, and you will have adequate opportunity to address everything you need to. Take notes if you have an impetus and cannot address it in the current forum. Whatever you do, try not to sound like a stark-raving lunatic.

5. Interesting points on juries in Fairfax County - I was unaware that (at least in this court) you needed unanimity to reach a jury decision for non-felonies. I was unaware the jury sets the sentence in Virginia. I think that's an interesting point. We were given sentencing guidelines when we entered the jury room, and asked to provide a sentence in the case of a guilty verdict.

January 28, 2011

Geek Thoughts

This morning I sat down at my desk and looked over at my picture frame. When I was in Georgetown this summer, I took a picture of the plaque that adorns the building where Herman Hollerith invented and perfected the punched card machine. This is one of the pictures that, along with family pictures, macro pictures and nature pictures cycles through the day. But for some reason, this morning I thought about the Hollerith card.
Did I remember the coding scheme used by the card? A quick Google search confirmed my memories that it was a two-zone system, with 3 punch rows in zone 1 and 9 punch rows in zone 2 (although I recalled 3/10). This gives us 40 possible values per column, with 80 columns available. But then I had this thought, which I am sure others thought of before me.. The possible values per column is actually much more. By allowing multiple punches per zone, the card could be made to handle 2^12, or 4096 possible values, by ignoring the zoning of the card, and utilizing each potential hole as a bit value. And that's only with the same hardware. Because there was space between zone 1 and zone 2, the potential for more holes is there in the card, and with a bit more machining, another hole would be possible (although this thought process also gets into the potential for phase shifting along both x and y axis, giving us much more potential).
Just some geek thoughts for the morning.....completely unimportant.