Archives

Authenticated actions as an alternative to login

The usual approach to authentication online is the “login” approach — you enter userid and password, and for some “session” your actions are authenticated. (Sometimes special actions require re-authentication, which is something my bank does on things like cash transfers.) This is so widespread that all browsers will now remember all your passwords for you, and systems like OpenID have arise to provide “universal sign on,” though to only modest acceptance.

Another approach which security people have been trying to push for some time is authentication via digital signature and certificate. Your browser is able, at any time, to prove who you are, either for special events (including logins) or all the time. In theory these tools are present in browsers but they are barely used. Login has been popular because it always works, even if it has a lot of problems with how it’s been implemented. In addition, for privacy reasons, it is important your browser not identify you all the time by default. You must decide you want to be identified to any given web site.

I wrote earlier about the desire for more casual athentication for things like casual comments on message boards, where creating an account is a burden and even use of a universal login can be a burden.

I believe an answer to some of the problems can come from developing a system of authenticated actions rather than always authenticating sessions. Creating a session (ie. login) can be just one of a range of authenticated actions, or AuthAct.

To do this, we would adapt HTML actions (such as submit buttons on forms) so that they could say, “This action requires the following authentication.” This would tell the browser that if the user is going to click on the button, their action will be authenticated and probably provide some identity information. In turn, the button would be modified by the browser to make it clear that the action is authenticated.

An example might clarify things. Say you have a blog post like this with a comment form. Right now the button below you says “Post Comment.” On many pages, you could not post a comment without logging in first, or, as on this site, you may have to fill other fields in to post the comment.

In this system, the web form would indicate that posting a comment is something that requires some level of authentication or identity. This might be an account on the site. It might be an account in a universal account system (like a single sign-on system). It might just be a request for identity.

Your browser would understand that, and change the button to say, “Post Comment (as BradT).” The button would be specially highlighted to show the action will be authenticated. There might be a selection box in the button, so you can pick different actions, such as posting with different identities or different styles of identification. Thus it might offer choices like “as BradT” or “anonymously” or “with pseudonym XXX” where that might be a unique pseudonym for the site in question.

Now you could think of this as meaning “Login as BradT, and then post the comment” but in fact it would be all one action, one press. In this case, if BradT is an account in a universal sign-on system, the site in question may never have seen that identity before, and won’t, until you push the submit button. While the site could remember you with a cookie (unless you block that) or based on your IP for the next short while (which you can’t block) the reality is there is no need for it to do that. All your actions on the site can be statelessly authenticated, with no change in your actions, but a bit of a change in what is displayed. Your browser could enforce this, by converting all cookies to session cookies if AuthAct is in use.

Note that the first time you use this method on a site, the box would say “Choose identity” and it would be necessary for you to click and get a menu of identities, even if you only have one. This is because a there are always tools that try to fake you out and make you press buttons without you knowing it, by taking control of the mouse or covering the buttons with graphics that skip out of the way — there are many tricks. The first handover of identity requires explicit action. It is almost as big an event as creating an account, though not quite that significant.

You could also view the action as, “Use the account BradT, creating it if necessary, and under that name post the comment.” So a single posting would establish your ID and use it, as though the site doesn’t require userids at all.  read more »

ClariNet history and the 20th anniversary of the dot-com

Twenty years ago (Monday) on June 8th, 1989, I did the public launch of ClariNet.com, my electronic newspaper business, which would be delivered using USENET protocols (there was no HTTP yet) over the internet.

ClariNet was the first company created to use the internet as its platform for business, and as such this event has a claim at being the birth of the “dot-com” concept which so affected the world in the two intervening decades. There are other definitions and other contenders which I discuss in the article below.

In those days, the internet consisted of regional networks, who were mostly non-profit cooperatives, and the government funded “NSFNet” backbone which linked them up. That backbone had a no-commercial-use policy, but I found a way around it. In addition, a nascent commercial internet was arising with companies like UUNet and PSINet, and the seeds of internet-based business were growing. There was no web, of course. The internet’s community lived in e-Mail and USENET. Those, and FTP file transfer were the means of publishing. When Tim Berners-Lee would coin the term “the web” a few years later, he would call all these the web, and HTML/HTTP a new addition and glue connecting them.

I decided I should write a history of those early days, where the seeds of the company came from and what it was like before most of the world had even heard of the internet. It is a story of the origins and early perils and successes, and not so much of the boom times that came in the mid-90s. It also contains a few standalone anecdotes, such as the story of how I accidentally implemented a system so reliable, even those authorized to do so failed to shut it down (which I call “M5 reliability” after the Star Trek computer), stories of too-early eBook publishing and more.

There’s also a little bit about some of the other early internet and e-publishing businesses such as BBN, UUNet, Stargate, public access unix, Netcom, Comtex and the first Internet World trade show.

Extra, extra, read all about it: The history of ClariNet.com and the dawn of the dot-coms.

Apple blocks iPhone App because EFF blog points to my Downfall Parody

Last week, I posted a pointer to my parody of a famous clip from the movie Downfall and I hope you enjoyed it. While the EFF itself didn’t make this video, I do chair the foundation and they posted a pointer to it on the “Deep Links” blog. All well and good.

Some time earlier, an iPhone app developer put together an iPhone app which would display the EFF blog feed. This wasn’t an EFF effort, but the EFF gave them permission to put the logo in the app.

Recently, Apple’s App Store team evaluated the app. The pulled up the EFF blog feed, and played the video, presumably using the built in YouTube playing App which Apple provides for the iPhone. And in the subtitles I wrote, at one point when Hitler was particularly angry, the fake text had him say “fucking.” This is quite mild compared to most of the Downfall parodies on YouTube, and indeed many other videos on YouTube. I debated taking it out, but it’s appropriate for the character to be using strong angry language at that point in his rant. And it’s funny to see Hitler swear in English so I left it in.

The App Store team — dare I call them the Apple App Store content Nazis, or is that too meta? — declared the app unsuitable for the iPhone store. Note that the app doesn’t contain any dirty words, and the EFF blog rarely contains them, and didn’t contain them in this case, only pointing to the video. Of course, the EFF as a free speech organization is not about to declare its blog will be free of bad words in the future, though they are a fairly unlikely event.

Yet this, it seems, is what Apple is protecting its users from. Apple claims that it needs to control what Apps you can install on an iPhone. You need to “jailbreak” the iPhone to install other apps, and Apple says you don’t have the right to do that. Sometimes such walled gardens start off with what you may agree are good intentions, such as stopping malicious apps, or assuring a quality experience with a product. But always, it seems, it devolves to this.

You can also read the EFF Deep Links article on this bizarre denial. Apple seems to have become a parody of itself. How long before we see a Downfall clip where Hitler is an Apple app store evaluator, or a fake Steve Jobs? Of course, that had better not contain any upsetting words, even in links.

Gallery of my favourite panoramas

While I have over 30 galleries of panoramic photos up on the web, a while ago I decided to generate some pages of favourites as an introduction to the photography. I’m way behind on putting up galleries from recent trips to Israel, Jordan, Russia and various other places, but in the meantime you can enjoy these three galleries:

My Best Panoramas — favourites from around the world

Burning Man Sampler — different sorts of shots from each year of Burning Man

Giant Black Rock City Shots — Each year I shoot a super-large shot of the whole of Black Rock City. This shows this shot for each year.

As always, I recommend you put your browser in full-screen mode (F11 in Firefox) to get the full width when clicking on the panos.

How to properly use widescreen mode for TV viewing

As some people come to my article about TVs in widescreen and stretch mode looking for advice, here is some basic advice on how to get it right.

Generally problems only occur when you have an ordinary analog connection from your video source (DVD player, Cable box, satellite box) to your TV. Analog connections are things like composite video (one wire with RCA plug, plus 2 RCA plug wires for audio), S-video (the video cable is a round plug with 4 pins in it) or component video (3 RCA plug wires, plus the audio.) When you have an analog connection, the source box can’t tell whether your TV is widescreen (16 by 9) or regular (4 by 3). If you have a digital TV connected to an antenna, it will get it right automatically, but if you have a digital TV converter box, you need to set up that converter box.

That usually means your source box will have a menu item, somewhere in the setup section, where you can tell it what sort of TV you are connected to. Most of them will default to an old 4:3 TV size, so you need to go into the menus on the source box, and look for where you can set the size or “aspect ratio” of the TV. This is not done on the TV’s setup, but on the setup of the DVD player or set top box.

If your source box is connected to the TV via a digital connection — which means DVI, HDMI or even VGA — it should be able to figure out the size of your TV on its own. Normally you should not need to play with things. However, if it’s doing it wrong, you may need to go into it and play around.

The other control — the one you want to avoid using — is the one on your TV remote. It will be marked with a name like “size” or “p. size” or “aspect ratio” or “zoom” or even “mode.” It lets you change what your TV does with the signal. You should very rarely have to use this setting if you have a widescreen TV and you set up the source boxes to know you have a widescreen TV.

The one exception will be if you have a widescreen TV, and you watch a program on a 4:3 channel (which means most non-HD channels) which was widescreen. Then you get what’s called a letterbox inside the pillarbox (the bars on left and right.) The result is your image is a smaller rectangle in the middle of the screen. If you are far away from your TV, you can blow this up by setting your TV to a “zoom” mode, expanding the box. Some TVs come with two zoom settings. I tend to prefer the partial zoom that does not fill the screen, as the full zoom tends to “overscan” and lose a little bit of the image.

Some TVs have an “auto” mode. In the auto mode, they try to detect this small box, and automatically zoom. If yours works that’s great, but it may not work, and it may get confused as commercials change the aspect ratio.

Normally it would be highly unusual to have to use the 16:9 or stretch mode, because again, you should have told your source box that you have a widescreen TV. This mode normally would only be used with a DVD player which is unable to be told that the TV is widescreen. It is the stretch mode that you often found used on widescreen TVs of people who hate the bars on the sides so much that they would rather see everything distorted and fat.

Hitler tries a DMCA takedown

New Update, April 2010: Yes, even this parody video has been taken down though the YouTube Content-ID takedown system — just as my version of Hitler says he is going to do at the end. I filed a dispute, and it seems that now you can watch it again on YouTube, at least until Constantin responds as well as on Vimeo. I have a new post about the takedown with more details. In addition, YouTube issued an official statement to which I responded.

Unless you’ve been under a rock, you have probably seen a parody clip that puts new subtitles on a scene of Hitler ranting and raving from the 2004 German movie Downfall (Der Untergang). Some of these videos have gathered millions of views, with Hitler complaining about how he’s been banned from X-box live, or nobody wants to go to Burning Man, or his new camera sucks. The phenomenon even rated a New York Times article.

It eventually spawned meta-parodies, where Hitler would rant about how many Hitler videos were out on the internet, or how they sucked. I’ve seen at least 4 of these. Remarkably, one of them, called Hitler is a Meme was pulled from YouTube by the studio, presumably using a DMCA takedown. A few others have also been pulled, though many remain intact. (More on that later.)

Of course, I had to do my own. I hope, even if you’ve seen a score of these, that this one will still give you some laughs. If you are familiar with the issues of DRM, DMCA takedowns, and copyright wars, I can assure you based on the reviews of others that you will enjoy this quite a bit. Of course, as it criticises YouTube as well as the studio, I have put it on YouTube. But somehow I don’t think they would be willing to try a takedown — not on so obvious a fair use as this one, not on the chairman of the most noted legal foundation in the field. But it’s fun to dare them.

(Shortly I may also provide the video in some higher quality locations. I do recommend you click on the “HQ” button if you have bandwidth.)  read more »

Making of the Video, Legally

On ultralight vehicles vs. large mass transit vehicles

One of the questions raised by the numbers which show that U.S. transit does not compete well on energy-efficiency was how transit can fare so poorly. Our intuition, as well as what we are taught, makes us feel that a shared vehicle must be more efficient than a private vehicle. And indeed a well-shared vehicle certainly is better than a solo driver in one of todays oversized cars and light trucks.

But this is a consequence of many factors, and surprisingly, shared transportation is not an inherent winner. Let’s consider why.

We have tended to build our transit on large, heavy vehicles. This is necessary to have large capacities at rush hour, and to use fewer drivers. But a transit system must serve the public at all times if it is to be effectively. If you ride the transit, you need to know you can get back, and at other than rush hour, without a hugely long wait. The right answer would be to use big vehicles at rush hour and small ones in the off-peak hours, but no transit agency is willing to pay for multiple sets of vehicles. The right answer is to use half-size vehicles twice as often, but again, no agency wants to pay for this or to double the number of drivers. It’s not a cost-effective use of capital or the operating budget, they judge.

Weight

The urban vehicle of the future, as I predict it, is a small, one-person vehicle which resembles a modern electric tricycle with fiberglass shell. It will be fancier than that, with nicer seat, better suspension and other amenities, but chances are it only has to weigh very little. Quite possibly it will weigh less than the passenger — 100 to 200lbs.

Transit vehicles weigh a lot. A city bus comes in around 30,000 lbs. At its average load of 9 passengers, that’s over 3,000lbs of bus per passenger. Even full-up with 60 people (standing room) it’s 500lbs per passenger — better than a modern car with its average of 1.5 people, but still much worse than the ultralight.  read more »

Can airports do paging as well as a restaurant?

I have a lot of peeves about airports, like almost everybody. One of them is the constant flow of public address announcements. They make it hard to read, work or concentrate for many people. Certainly it’s hard to sleep. It’s often even hard to have a phone call with the announcements in the background.

One solution to this is the premium airline lounges. These are announcement-free, but you must watch the screens regularly to track any changes. And of course they cost a lot of money, and may be far from your gate.

Some airlines have also improved things by putting up screens at the gates that list the status of standby passengers and people waiting for upgrades. This also saves them a lot of questions at the gate, which is good.

But it’s not enough. Yet, even in a cheap restaurant, they often have a solution. They give you a special pager programmed to summon you when your table or food is ready. It vibrates (never beeps) and they are designed to stack on top of one another for recharging.

Airports could do a lot better. Yes, they could hand you an electronic pager instead of/in addition to a boarding pass. This could be used to signal you anywhere in the airport. It could have an active RFID to allow you to walk though an automatic gate onto the plane with no need for even a gate agent, depositing the pager as you board.

Each pager could also know where it is in the airport. Thus a signal could go out about the start of boarding, and if your pager is not at the gate, it could tell the airline where you are. If you’re in the security line, it might tell you to show the pager to somebody who can get you through faster (though of course if you make this a regular thing that has other downsides.)  read more »

Electronic panorama head with rotation sensor

In my quest for the idea panorama head, I have recently written up some design notes and reviews. I found that the automatic head I tried, the beta version of the Gigapan turned out to be too slow for my tastes. I can shoot by hand much more quickly.

Manual pano heads either come with a smooth turning rotator with markers, or with a detent system that offers click-stops at intervals, like 15, 20 or 30 degrees. Having click-stops is great in theory — easy to turn, much less chance of error, more exact positioning. But it turns out to have its problems.

First, unless you shoot with just one lens, no one interval is perfect. I used to shoot all my large panos with a 10 degree interval which most detent systems didn’t even want to support. Your best compromise is to pick a series of focal lengths that are multiples. So if you shoot with say a 50mm and near-25mm lens, you can use a 15 degree interval, and just go 2-clicks for 30 degrees and so on. (It’s not quite this simple, you need more overlap at the wider focal lengths.)

Changing the click stops is a pain on some rotators — it involves taking apart the rotator, which is too much no matter how easy they make that. The new Nodal Ninja rotators and some others use a fat rotator with a series of pins. This is good, but the rotator alone is $200.

Click stops have another downside. You want them to be firm, but when they are, the “click” sets up vibrations in the assembly, which has a long lever arm, especially if there is a telephoto lens. Depending on the assembly it can take a few seconds for those vibrations to die down.

So here’s a proposal that might be a winner: electronic click stops. The rotator ring would have fine sensor marks on it, which would be read by a standard index photosensor. This would be hooked up to an inexpensive microcontroller. The microcontroller in turn would have a small piezo speaker and/or a couple of LEDs. The speaker would issue a beep when the camera was in the right place, and also issue a sub-tone which changes as you get close to the right spot — a “warmer/colder” signal to let you find it quickly. LEDs could blink faster and faster as you get warmer, and go solid when on the right spot. They would also warn you if you drifted too far from the spot before shooting.

Now this alone would be quite useful, and of course, fully general as it could handle any interval desired. Two more things are needed — a way to set the interval, and optionally a way to ease the taking of the photos.

To set the interval, you might first reset the device by giving it a quick spin of 360 degrees. It would give a distinctive beep when ready. Then you would look through the viewfinder and move the desired interval. Your interval would be set. If doing a multi-row you would have 2 sensors for angle, and you would do this twice. You could have a button for this, but I am interested in avoiding buttons. Now you would be ready to shoot. It would give a special signal after you had shot 360 degrees or the width of the first row in a multi-row. Other modes could be set with other large motions of the rotator, such as moving it back and forth 2 times quickly, or other highly atypical rotations.

(If you want buttons, an interesting way to do this is to have an IR sensor and to accept controls from other remotes, such as a universal TV remote set to a Sony TV, or some other tiny remote control which is readily available. Then you can have all the buttons and modes you want.)

We might need to have one button (for on/off) and since off could be a long press-and-hold, the button could also be used for interval setting and panorama starting.

The next issue is automatic shooting or shot detection. The sensor, since it will be finely tuned, will be able to tell when you’ve stopped at the proper stop. When all movement ceases, it could take the shot without you pressing the shutter using a bunch of methods. It might also be useful to have you manually control the shutter, but via a button on the panohead rather than the camera’s own shutter or cable release. First of all, this would let the head know you had taken the shot, so it could warn you about any shot that was missing. It could also know if you bumped the head or moved it during any shot — when doing long exposures there is a risk of doing this, especially if you are too eager for the next shot. Secondly, you should always be using a cable release anyway, so building one into the pano head makes some sense. However, this need not be included in the simplest form of the product.

One very cheap way of having the pano head fire the shutter is infrared. Many cameras, though sadly not all, will let you control the shutter with infrared. Digital SLRs stopped doing this for a while, but now Canon at least has reversed things and supports infrared remote on the 5D Mark II. I think we can expect to see more of this in future. Another way is with a custom cable into the camera’s cable release port. The non-standard connectors, such as the Canon N3, can now be bought but this does mean having various connector adapters available, and plugging them in.

A third way is via USB. This is cheap and the connector is standard, but not all cameras will fire via USB. Fortunately more and more microcontroller chipsets are getting USB built in. The libgphoto2 open source library will control a lot of cameras. Of course, if you have a fancy controller, you can do much more with USB, such as figure out the field of view of the camera from EXIF but that’s beyond the scope of a simple system like this.

The fourth way is a shutter servo, again beyond the scope of a small system like this. In addition, all these methods beg more UI, and that means more buttons and even eventually a screen if an LED and speaker can’t tell you all you need. However, in this case what’s called for is a button which you can use to fire the shutter, and which you can press and hold before starting a pano to ask for auto firing.

The parts cost of all this is quite small, especially in any bulk. Cheaper than a machined detent system, in fact. In smaller volumes, a pre-assembled microcontroller board could be used, such as the Arduino or its clones. The only custom part might be the optical rotary encoder disk, but a number of vendors make these in various sizes.

I’ve talked about this system being cheap but in fact it has another big advantage, which is it can be small. It’s also not out of the question that it could be retrofitted onto existing pano heads, as just about everybody is already carrying a ballhead or pan/tilt head. For retrofit, one would glue an index mark tape around the outside of your existing head near where it turns, and mount the sensor and other equipment on the other part. The result is a panohead that weighs nothing because you are already carrying it.

Update: I am working on even more sophisticated plans than this which could generate a panohead which is the strongest, smallest, fastest, most versatile and lightest all at the same time — and among the less expensive too. But I would probably want some partners if I were to manufacture it.

Allow a refund on prepaid cell service for tourists

Years ago I asked that they let me buy a SIM card in the airport arrivals area and now they often do. I also started a forum here on the best company to buy a prepaid SIM from in each country which has a fair bit of traffic.

And indeed, I have been doing that, because often roaming rates remain obscene. I dropped my Canadian SIM when Sprint offered a plan with 20 cent/minute roaming in Canada that I can turn on for $3/month — this was comparable to the prepaid price I was getting, and prepaid had the “overhang balance” problem I will discuss below. But I’ve gotten or been loaned local SIMs in several countries to good use — especially when both I and my travel companion have one so we can use our cell phones as radios.

But a few problems exist with getting a local SIM. First, you have to get one. The cheapest place to do this is usually the local cell phone shops that can be found in most urban shopping areas. If you plan ahead, you can get one mailed to your hotel, though the companies that do this which aim at tourists always overcharge — perhaps enough to wipe out your savings if your call volume is modest or your stay short. The ideal SIM is near-free, and can be found where you enter the country.

Next, you must fill the account. Almost everywhere, you must use prepaid cards bought for cash from the shops, as they will not let you fill, or refill, with an out-of-country credit card, for supposed security reasons. This is annoying because you don’t want to have a large balance remaining (overhang) on your prepaid account when you leave the country, unless you will be back before it expires. (Sometimes you can use it up in other countries with obscene roaming rates, but often not even then.) But you also don’t want to have to risk running out of minutes in the middle of a call.

The answer: Let me put a fat balance on my prepaid account, and let me refund all or most of it when I am done — ideally back to my credit card when I leave.

The cell company loses that wasted balance, sure, but instead, I am prone to use the phone more if I have a large enough balance and a good enough rate that I don’t have to worry. I will use it like a local. This would be a good competitive edge that would make the difference if I were buying a SIM. You could offer this only to people from out of the country but I see no reason not to offer it to local users too.

Yes, processing the refund has a small cost. If you insist, don’t refund the last few bucks to cover your costs. Or alternately, let me do “minutes transfer” to other prepaid users. Then I could meet somebody (or go into a shop) and transfer the minutes and get cash for them.

Of course, it would also be nice if you would let me just buy a monthly plan deal for just one month, with no contract. Cell companies seem loathe to do this, but T-Mobile in the USA has just started doing exactly that with their flex-pay. In that system you pre-pay for one month of any monthly plan, and if you think you will use more than the minutes on that plan, you can put money into an overage account. But you can’t get it back, so that’s one modification to add. But frankly I would probably never go over the monthly plan I bought in a typical trip.

The remaining big headache is data. Getting a prepaid plan with data at a decent price (or any data at all) can be hard. Those from the USA are used to unlimited data, which they resist selling in many countries. Those from the USA who bring their phones overseas and forget to turn off roaming data often find nightmare bills of many thousands of dollars. The world has to figure this out. Still, those who are used to fancy network PDA phones often find themselves literally lost without their Google Maps Mobile or their e-Mail. We need a way to roam data selectively, letting some apps use limited data budgets but preventing others if we can’t get a decent data price plan. E-mail apps can go into low-data move (never download attachments or long messages automatically, just imap headers) and less frequent checking. If one is careful, one can get something decent at the $2/megabyte (or $10/megabyte) crazy prices for mobile data roaming.

Oh yeah, and think about doing 2-SIM offers to tourists, who often arrive in pairs. Especially if they include cheap mobile-to-mobile calling in the pair.

Virgin America Airways and on-demand ordering

Yesterday I took my first flight on Virgin America airways, on the IAD-SFO run. Virgin offered a tremendous price (about $130 one way) but it’s worth examining how they have made use of technology on their planes. Mostly I usually end up on United, which is by far the largest carrier at SFO. Because of this, I fly enough on it to earn status, and that it turn provides a seat in their Economy Plus section which has more legroom, priority boarding and in theory, an empty middle if there are empty middles. This is 90% of the value of the status — the other main value, ability to upgrade, is hard to actually make use of because business class is usually full. The extra legroom is surprisingly pleasant, even for a widebody individual like myself who would much prefer extra width if I had a choice.

Other than Economy Plus (and some very nice business class on some of the long-haul planes,) United is falling behind other airlines. It would be hard to recommend an ordinary coach seat. The one big amenity that more and more other airlines are providing is power in coach, in particular 115v AC power which is more flexible than the older 15vdc “Empower” system United uses in business class. The main downside of the 115v connections is they tend to be mounted under the seats, making them hard to get to. Air Canada has put them in the personal video panels. Virgin placed them under the seats but high and forward enough to be reached (if you knew what you were looking for) but also so close as to make wall-warts bump against your legs. Virgin also offered USB jacks down under the seats, also hard to get to. Even if you don’t want to put 115v up higher, USB charging jacks are better placed in the video console/seatback I think.

American Airlines has a mix of DC and AC power, but still makes it available in coach. Continental has put EmPower on some planes in the front half of coach, but some newer planes have AC power all the way through coach.  read more »

Two sources on energy, and using heat

I was reminded yesterday, after posting more on the cost-effectiveness of energy sources, to point out an interesting new book on the economics of energy. The book is Sustainable Energy With the Hot Air by David MacKay, a physics professor from Cambridge University. What’s important about the book is that he pays hard attention to the numbers, and demonstrates that certain types of alternative energy are likely to never make sense, while others are more promising.

I only have a few faults to pick with the book, and he’s not unaware of them. He decides to express energy in the odd unit of “kilowatt-hours per day” as he feels this will make numbers more manageable to the reader. Of course with time in the numerator and denominator, it’s a bit strange to the scientist in me. (It’s the same as about 42 watts.) In a world where we often see people say “kilowatt” when they mean “kilowatt-hour” I suppose one deserves credit for using a correct, if strange unit.

My real quibble is over his decision to measure energy usage at the tank, so that an electric car’s energy usage is measured in the battery, while a gasoline car is measured in the fuel tank. Today we burn fuel to make electricity, and so electric cars actually consume 3 times the energy they put in the batteries. That’s a big factor. MacKay argues that since future energy sources (such as solar) might generate electricity without burning fuel, that this is a fair way to look at it. This is indeed possible but I think it is necessary to look at it both ways — how efficient the vehicles are today (and will be if we still generate electricity from heat) and how they might be in the future. Generating electricity from heat does complicate the math of energy in ways that people can’t agree on, so I understand his temptation.

Yesterday I was also pointed out to a solar power site called SolarBuzz. This is a pro-solar-panel site, and is rare in that it seems to do its math right. I haven’t looked at all the numbers, and I am surprised wthat with the numbers they show that they are such boosters. Their charts of payback times all focus on power costs from 20 to 50 cents/kwh. Those costs are found in Europe, and in the tiers of California, but the U.S. national average is closer to 10 cents, where there is no payback. They also use 5% for their interest rate, a low rate that is only found in strange economic times such as these — but justifiable in a chart today.  read more »

Pure heating is highly wasteful

Is being evangelical about solar the right course?

The earlier post on whether solar gives the best bang per buck in greening our electricity ran into some opposition, as I expected. Let me consider some of the objections and issues.

As a recap, I put forward that if we are going to use our money and time to attain greener electricity, what matters is how many MWH we take off the “dirty” grid (particularly coal plant output.) I measured various ways to do that, both green generation and conservation (which do the exact same thing in terms of grid offset) and worked out their cost, the MWH they take off the grid and thus the cost per MWH. Solar PV fares poorly. Converting incandescent bulbs to fluorescent in your own home or even other people’s homes fares best.

A big part of the blame lies on the fact that crystalline silicon is an expensive way to make solar cells. It is, however, quite common since many PV plants started with technology from semiconductor fabrication.

Evangelical green

One frequent objection is that purchasing expensive solar panels today encourages the market for solar panels, and in particular better solar panels. Indeed, panel makers are generally selling all they can make. Many hope that this demand will encourage financing for the companies who will deliver panels at prices that make sense and compete with other green energy.

I call this being “evangelical green.” Leading by example, and through encouraging markets. While I understand the logic, I am not sure I accept the argument.  read more »

Caprica Review (spoilers after the break)

The prequel series, Caprica, is now available on DVD and for download. Caprica is set 56 years before the first Cylon war, and deals with the origin of the metal Cylons. This meta review provides links to some of the recent low-spoiler reviews. As you will read in all of them, Caprica is very different in tone from BSG. It’s a drama set on a planet, not a space opera.

My disappointment with how BSG was ended lowered my expectations for Caprica, which is of course a good thing. You always enjoy a work more when you go into it with lower expectations. In an ideal world, one would wish for a way to get great recommendations on worthwhile things that don’t raise high expectations — you would enjoy life more. It was the high expectations I put on BSG that in part led to the ending being such a letdown.

However, the overall review is positive. If you did not know it was Battlestar, you could treat Caprica as near-future SF set on Earth. If you didn’t have the references to polytheistic religion, in fact, a viewer would be hard pressed to spot differences from a typical tv-SF depiction of a decade or two in the future. Of course, the religion is important in this show, as it became important in BSG. While the God of Galactica (Gog) does not show it’s face directly, we must wonder if it will do so later. However, the religion is fundamental to the plot in that many of the characters do very dramatic things motivated by their religious beliefs. Which is perfectly fine, of course — some people mistook my criticism of the presence of an interventionist god in BSG as criticism of religion playing a role in a story.

You will get some items from Caprica that help explain important elements of BSG. They are more subtle than normal, but there. So the verdict is to watch it, though you will also do fine waiting the 8 months for it to appear on the air. The DVD version contains a bunch of mostly lesbian makeout scenes which won’t show on TV; presumably they are there to keep the boys titillated. They occur — no spoiler here, as you see this in the first 2 minutes of the show — in a virtual reality club which is the setting for a number of scenes in the show. It may be a bit surprising at first to see the Capricans using technology far beyond what is seen on BSG when it comes to computers and robotics. Obviously the colonies had a minor Butlerian jihad after the Cylon war. This was hinted at several times during the BSG series.  read more »

But now on to the spoilers…

Proposition T: All ballot propositions must fit in 140 characters

I was reviewing the voter information guide for the upcoming California Special Election. Even though I can’t vote it is interesting to look at the process. To my surprise, the full text of the propositions shows the real items to be incredibly complex. Proposition 1C, which updates lottery laws, is over 4 1/2 pages of dense print.

There is simply no way one could expect the electorate to make informed choices on constitutional changes like these. These are closer to the “Click to agree” contracts on a piece of software from the RIAA.

In this case, all the propositions were written by the legislators themselves, in response to a budget crisis. They want a bunch of constitutional changes that are outside their own power, but they have written them like legislative bills. (Well, frankly, those are even longer than a few pages.) The public gets a book with analysis (itself many pages long) and arguments and rebuttals by those on the for and against side. They get bombarded with ads on any proposition that has strong financial backers or opponents, usually propositions that involve lots of money.

So no, while I don’t really think you can fit every amendment into the size of a twitter post, there should be a size limit. If complex things need to be done, a shorter, understandable initiative should give the legislature the minimum powers it needs to do it — perhaps even temporarily. Watchdogs will examine just how much power this really is and warn about it, one hopes.

This isn’t the only type of legislator trick. The most common one, in fact, is the “bond measure.” Frequently on the ballot we will see authorization for the state to borrow money (issues bonds) for some sort of motherhood issue. For example, they will ask for billions to “fix levees in flood zones” or “fund libraries.”

Of course, they were going to fix the levees anyway. They were going to fund education anyway. There is no way they couldn’t. By issuing the bond, they don’t have to find room in the general fund for those things, allowing them to spend general fund money on something the public would never vote for. So instead of asking the public to fund tropical retreats for legislators, they ask the public to fund libraries, leaving the money that would have funded libraries to pay for the tropical retreat.

How do we stop this, short of removing public participation? I think a more reasonable limit (like 2,000 characters — about 400 words) might help a bit. And while bond measures may be sometimes needed, it might make sense to require that for the legislators to put a bond measure on the ballot, it must be something which they themselves voted against doing from the general fund. Then the minority who voted for it could ask to put it on the ballot. What this would mean is that before they could put library funding as a bond measure, they would have to have gone on record voting against library funding. I don’t know if this would be enough, though and perhaps a stronger method is needed. Of course, the bonds mean taxes must go up in the future to pay them back. (Or, they hope, tax revenues go up due to a growing economy, so tax rates don’t have to rise, as they know they will never get approval for that.)

What’s a way to make this work better and stop these abuses?

When the cell phone rings...

We’ve all experienced it. A cell phone starts ringing or vibrating. To be clever, it slowly starts getting louder in case the owner didn’t hear or feel the initial signal. You see somebody going through their bag looking for the phone that keeps getting louder and louder. Finally they answer and it shuts up.

Yet today’s new phones are all featuring accelerometers. This gives them to chance to know we are fumbling for them. Yes, if you’re out jogging it won’t be able to spot the new level of activity in fetching out the phone, but if you’re sitting in a quiet room, and the phone’s been still and it starts moving about shortly after starting ringing, the phone can know you’re aware of the ring, and start getting quieter. (It might switch back to vibrating or flashing to help you find it.) A ringing phone could also be listening to its microphone, and waiting for you to say commands to it, such as “getting it” to “voicemail” to “speaker” rather than have you hunt for the button. How often has a call gone to voicemail before you could find that button? When you are getting it, the phone could answer (to avoid going to voicemail) and then play a message to the caller about how you are still getting the phone and will be with them shortly. If you can hear the phone, it can hear you.

In fact, phones need to understand more when they are sitting on tables or on our persons. Movement is one way to know this. Temperature is another. Capacitance is a third. Hearing “master’s voice” in the microphone reveals something else, like the fact you’re in a meeting. Is the conversation half-duplex? You may be on a landline. Many phones know when they are being charged and change their ring behaviour. They can do more.

And here’s a second feature for cell phones ringing in the home or office. Let the customer, at that moment, call a special magic number from a prearranged land-line. This number would be put in the speed dial of the land-line, and the land-line would send caller-ID. A call to that number would grab the call going into the cell phone and transfer it to the land line. Ideally the cell phone company would bill these minutes at a lower rate, though I doubt it, since they don’t do that for call forwarding set up in advance. This is call grabbing, the way many PBXs can do.

For security there would be a bank of 100 numbers arranged for the purpose. A stranger could not grab your calls unless they knew which of the 100 numbers is the one for you on that landline. Many false attempts would disable the feature, which would be a form of DOS attack but not a very exciting one, as you can just grab the cell phone in that case.

For the user, the UI is simple. You hear your cell phone ringing in the charging station. You pick up a land line, hit a speed dial, and it answers and you are connected.

Of course, the real answer is that phones should never ring at all in most situations.

Understanding Mitochondrial Eve

(Advance note: Is there a reader who has video editing skills who might want to put together a short and amusing BSG-based parody video that I have conceived of? Contact me if so. Or if you have a complete collection of BSG videos or DVDs and are willing to find some scenes you could also help.)

Because it turns out that Moore decided to turn the entire plot around the idea of Hera being Mitochondrial Eve (MTE), I thought it would be good to add some information on just what this means, and why it was not a great choice as a plot fulcrum. The desire to have Hera be MTE placed the story 150,000 years in the past, and mandated a number of its less consistent elements.

First of all, people should understand that MTE is not “Eve” (mother of us all) nor is she the most recent common ancestor of us all — that person lived far more recently. MTE is an artifact of some simple genetic math. She is the most recent common ancestor calculated only through female lines. I pointed to this article about MTE before and it’s worth a read to understand why she exists and why she is less important than imagined. There is a “Y Adam” too, who is the most recent common ancestor calculated only through male lines, who also lived much more recently.

Everybody is descended from MTE, but everybody is descended from almost everybody who lived at that time. She is actually not particularly special. In fact, we are all descended from almost everybody who lived about 15,000 years ago. It would be more recent than that if human genetic lines had not been isolated for long periods in Australia, the Americas and a few other islands. Be clear: Just about everybody who lived then was ancestor to all of us. The only ones we are not descended from will be those whose lines died out quickly — they left no children or grandchildren. Once you start have several great-grandchildren, your contribution to the world’s genetic pool is all but assured, barring extraordinary events. Go a few more generations and your line is very hard to kill off, especially if it spreads a bit.

So while Moore wanted humans to be descended from Cylons, in fact that could have taken place 15,000 years ago. And if, as shown in the show, populations were distributed to the different continents, it could have been done even 4,000 years ago, or any point in between such as 40,000 years ago for the “great leap forward” when technology and agriculture and language started to really flourish. Australians isolated themselves from the rest of humanity about 50,000 years ago, however, when seas were low they got more recent influxes keeping them related to the rest of the world.

The next thing to understand is mitochondrial DNA (MTDNA) itself. MTDNA is special, in that it is only inherited from your mother. It does not change due to sexual DNA mixing like the rest of our (non-Y) DNA. Instead, it stays mostly the same. However, from time to time, it gets a small mutation that is not sufficient to kill the organism. So while our MTDNA is identical with our siblings, mother and our cousins who share a female descent line, it is very slightly different from other humans. The less related they are to you (ie. the further back your common great^n grandmother is,) the more slight differences there will be. It is precisely because we know the rate of mutation and can look at how different the MTDNA of different humans is that we can calculate when MTE lived, approximately. Estimates get debated, and you will see rates quoted at one mutation per 300-600 generations down to one every 40 generations.

But we don’t just share our MTDNA with our fellow humans. We share it with all the complex life on Earth. We share it with mushrooms and of course with chimps and monkeys and lemurs and mice. We’ve all got the same basic MTDNA, derived from an ancestor long ago that did a symbiotic “deal” with some bacteria to incorporate their energy processing engine into our cells.

Just as you have the same MTDNA, with minor changes, as an Australian aboriginal, you have the same MTDNA as a chimp, but with more of the small mutations. That’s because your common ancestor lived perhaps 50,000 years ago with the Australian, and 6 million years ago with the chimp. There will be 120x as many small differences. They are quite small so that does not turn out to be that much.

And thus we see the problem with how BSG used this process. On the BSG Earth, the chimps and the early humans would have shared fairly common MTDNA. But then Hera’s MTDNA replaced the human MTDNA. On BSG Earth, human MTDNA now bears no common ancestry with the chimps, or all the other animals of the Earth. This is quite different from the real Earth.

Now, we might consider that in fact they are not different because the God of Galactica (Gog) did a little intelligent design on both the evolved Earth life, and Cylons so that they would have the same MTDNA. Or rather that the difference between them would match what the genetic mutation clock says it should match based on the time back to the common ancestor proto-ape. And yes, when you invoke miracles, you can pull off anything, I suppose. But if so, it means the two sets of MTDNA were largely identical. In which case what’s the point? What is the meaning of Hera’s MTDNA supplanting that of the native humans if the two are identical to begin with?

If they are not identical, if there is a real, meaningful difference between Hera’s MTDNA and that of the rest of Earth-life, then this would have been big, big news in BSG-Earth’s National Geographic a decade or two ago. That’s because geneticists would have published stunning papers revealing that human MTDNA was not the same as that of apes or any other Earth life. This would have turned the scientific world upside-down. It would have have been strongly touted as hard evidence by the creationists. It would no longer be the world we live in.

This is also true for the rest of Hera’s Cylon DNA. Unless that DNA is impossible to tell from ours, or unless none of what she had was passed through to us, our genetic sequencing projects would have revealed the fact that we aren’t related to other Earth life, in some subtle way. We would have proteins and genes not found in any other Earth-life. But we don’t. We share all our genes with our animal cousins. For those, like Moore, hoping to draw a connection from the alternate history BSG Earth and ours, you must either say that none of the Cylon DNA made it through, or that it was so identical as to not make a difference.

Of course, there is an answer, discussed on this blog before. If the story had been written to say that the Kobolians came about through the abduction of primitive humans from this Earth some 6,000 or more years before the events of the show, then of course everybody is still related as they should be. The colonials, in this version, are just a lost branch of Earth-kind come home. But alas, this was never suggested in the show.

The miracle of aliens who can breed with Earth-life is indeed impossible without divine action. But it’s more than that. If there was a miracle, it created creatures so alike that in the end they contributed nothing new to the genetic code of humanity on Earth. In other words, a somewhat pointless miracle.

Now you may think that this is a somewhat subtle point, not known to the ordinary viewer who has no grounding in genetics. But this is no minor issue in the show, it is the single element upon which the entire ending, and indeed the entire plot was chosen to turn. Such a fulcrum deserves special attention. And it is also a sign of just how hard it is to try to write an alternate history which you can claim could be our real history. Something is going to catch you up. This is why many viewers never expected Moore to do something so foolhardy as to date the show in the past.

Connecting untrusted devices to your computer

My prior post about USB charging hubs in hotel rooms brought up the issue of security, as was the case for my hope for a world with bluetooth keyboards scattered around.

Is it possible to design our computers to let them connect to untrusted devices? Clearly to a degree, in that an ethernet connection is generally always untrusted. But USB was designed to be fully trusted, and that limits it.

Perhaps in the future, an OS can be designed to understand the difference between trusted and untrusted devices connected (wired or wirelessly) to a computer or phone. This might involve a different physical interface, or using the same physical interface, but a secure protocol by which devices can be identified (and then recognized when plugged in again) and tagged once as trusted the first time they are plugged in.

For example, an unknown keyboard is a risky thing to plug in. It could watch you type and remember passwords, or it could simply send fake keys to your computer to get it to install trojan software completely taking it over. But we might allow an untrusted keyboard to type plain text into our word processors or E-mail applications. However, we would have to switch to the trusted keyboard (which might just be a touch-screen keyboard on a phone or tablet) for anything dangerous, including of course entry of passwords, URLs and commands that go beyond text entry. Would this be tolerable, constantly switching like this, or would we just get used to it? We would want to mount the inferior keyboard very close to our comfy but untrusted one.

A mouse has the same issues. We might allow an untrusted mouse to move the pointer within a text entry window and to go to a set of menus that can’t do anything harmful on the machine, but would it drive us crazy to have to move to a different pointer to move out of the application? Alas, an untrusted mouse can (particularly if it waits until you are not looking) run applications, even bring up the on-screen keyboard most OSs have for the disabled, and then do anything with your computer.

It’s easier to trust output devices, like a printer. In fact, the main danger with plugging in an unknown USB printer is that a really nasty one might pretend to be a keyboard or CD-Rom to infect you. A peripheral bus that allows a device to only be an output device would be safer. Of course an untrusted printer could still record what you print.

An untrusted screen is a challenge. While mostly safe, one can imagine attacks. An untrusted screen might somehow get you to go to a special web-site. There, it might display something else, perhaps logins for a bank or other site so that it might capture the keys. Attacks here are difficult but not impossible, if I can control what you see. It might be important to have the trusted screen nearby somehow helping you to be sure the untrusted screen is being good. This is a much more involved attack than the simple attacks one can do by pretending to be a keyboard.

An untrusted disk (including a USB thumb drive) is actually today’s biggest risk. People pass around thumb drives all the time, and they can pretend to be auto-run CD-roms. In addition, we often copy files from them, and double click on files on them, which is risky. The OS should never allow code to auto-run from an untrusted disk, and should warn if files are double-clicked from them. Of course, even then you are not safe from traps inside the files themselves, even if the disk is just being a disk. Many companies try to establish very tight firewalls but it’s all for naught if they allow people to plug external drives and thumbsticks into the computers. Certain types of files (such as photos) are going to be safer than others (like executables and word processor files with macros or scripts.) Digital cameras, which often look like drives, are a must, and can probably be trusted to hand over jpegs and other image and video files.

A network connection is one of the things you can safely plug in. After all, a network connection should always be viewed as hostile, even one behind a firewall.

There is a risk in declaring a device trusted, for example, such as your home keyboard. It might be compromised later, and there is not much you can do about that. A common trick today is to install a key-logger in somebody’s keyboard to snoop on them. This is done not just by police but by suspicious spouses and corporate spies. Short of tamper-proof hardware and encryption, this is a difficult problem. For now, that’s too much cost to add to consumer devices.

Still, it sure would be nice to be able to go to a hotel and use their keyboard, mouse and monitor. It might be worth putting up with having to constantly switch back to get full sized input devices on computers that are trying to get smaller and smaller. But it would also require rewriting of a lot of software, since no program could be allowed to take input from an untrusted device unless it has been modified to understand such a protocol. For example, your e-mail program would need to be modified to declare that a text input box allows untrusted input. This gets harder in web browsing — each web page would need to have to declare, in its input boxes, whether untrusted input was allowed.

As a starter, however, the computer could come with a simple “clipboard editor” which brings up a box in which one can type and edit with untrusted input devices. Then, one could copy the edited text to the OS clipboard and, using the trusted mouse or keyboard, paste it into any application of choice. You could always get back to the special editing windows using the untrusted keyboard and mouse, you would have to use the trusted ones to leave that window. Cumbersome, but not as cumbersome as typing a long e-mail on an iPhone screen.

Powered USB Hub in my hotel room, and more

What should be in a good hotel room?

Well, one thing that’s easy to add to the list is a powered USB hub, with as many as 6 ports and a 3 amp power supply. Toss in some mini-USB cables (possibly just built into the hub) as they have become, for better or worse, the present-day universal charging standard. (At only 2.5 watts, USB is a bit anemic as charging standard, but it’s what we have for now.) A mouse would be nice too, but is a security risk.

Alas, we can’t have a keyboard on it, as nice as that would be, since that can’t be trusted. It might have a keylogger put in it (even by the previous occupant of the room) to grab passwords.

Now this is a fairly cheap item (under $20) and like many other hotel items, it could also be available at the front desk, though it’s so cheap I don’t see a reason for that. While you could not be sure it would be there at every hotel, it would still be useful, since it can add to the charging you bring, and most laptops can be a charging station if you are willing to leave them on overnight. It’s also useful as a hub. Indeed, have two, one on the desk, and one by the bed for cell phones.

We’re almost ready to not need the hotel phone unless you are coming from overseas and pay ridiculous roaming charges. But they still need it to call you sometimes, and I don’t want to have to hand over my mobile number at check-in.

Most hotel rooms now are getting a flat-screen HDTV. That’s great, but rarely do they offer up the VGA port that many of these TVs have, or a cable to plug it in. I recommend a 1080p TV for each room, located in such a way that it can be an external monitor for my laptop. As such there should be a VGA cable connected or handy. The TV could also be connected to the USB hub, and use a video over USB protocol for devices that have USB out but not video out. (This usually needs a driver and has some limitations.)  read more »

Digital cameras, embrace your inner eBook

Lots of people are doing it — using their digital camera as a quick way to copy documents, not just for taking home, but to carry around. Rather than carry around a large travel guidebook (where most of the weight is devoted to hotels and restaurants in other towns) we normally just photograph the relevant pages for the area we will be exploring. We also do it even with portable items like guides and travel maps since we don’t really want the paper. We also find ourselves regularly photographing maps of cities, facilities and transit systems found on walls. We will photograph transit timetables: take a ferry out, photograph the schedule of ferries going back. In countries where you can’t write the language, photographing the names of destinations, so you can show it to cab drivers and locals is handy.

Yes, I have also seen copyright violation going on, with people taking a temporary photograph of somebody else’s guidebook, or one in a library or hotel. Not to save money, but for the convenience.

While I still think a dedicated travel device makes sense when doing tourism, cameras should embrace this function. Some travel guides, such as Lonely Planet, will sell you a PDF version of the book or chapters in it. Perhaps being able to read PDFs is more than a camera wants to do, but these could be converted to PNGs or some other clear and compact format. A very simple book browser in the camera is not a tall order, considering the level of processing they now have. Though there seems to be a lot to be said for the simplicity of the camera’s interface, where you turn a wheel to find a page and then zoom in. If there’s a browser it had better be easier to use than that.

However, even simpler would be a way to tag a photo as being text (indeed, many cameras could probably figure out that a photo is dense with text on their own.) Such photos would be put into their own special folder, and the camera’s menu should offer a way to directly go to those photos for browsing.

I realize the risk here. Forced convergence often results in a device that does nothing well. In this case people are already using the camera for this, because it is what they are carrying. There is already pressure to make camera screens bigger and higher resolution, and to give them good interfaces to move around and zoom in.

In time, though, travel guides might deliberately make versions that you store on the flash card of your camera. Of course, you can already do this on your PDA, and I read eBooks on my PDA all the time. And sometimes your cell phone/PDA is your camera.