wither in the light

Can't afford the new Palm Pilot? Or, like me, don't have enough things happening in your life to justify any glorified electronic sticky-note replacement? 43 Folders takes it back to *really* old-school: the Hipster PDA.

While Flickr is probably still the best all-around free image hosting service, ImageShack's service is extremely low bullshit for people who just need a place to put their pictures.

For that special someone in your life: the Unfortunate Animal of the Month Club.

Need a bunny with a conjoined fetal twin? No problem. Mutation? Check. Bunny-skin trophy rug? Got it.

Doc:

Igor, would you mind telling me whose brain I did put in?

Igor:

And you won't be angry?

Doc:

I will NOT be angry.

Igor:

Abby someone.

Doc:

Abby someone. Abby who?

Igor:

Abby Normal.

Doc:

Abby Normal?

Igor:

I'm almost sure that was the name.

The Google cheat sheet.

Your waiter reports from the front lines.

As I’m walk to my car I think about that young woman. I wonder how I would cope if, God forbid, I was in a similar situation. I once knew a coworker who lost both legs above the knee in a car accident. After rehab he became a computer whiz, cashed in on the dot com boom, married a knockout, and lives in a big house in Delaware with a veritable legion of children. He still drives his own car. I also knew a patient who lost a foot to diabetes. He killed himself soon after amputation surgery.

I shake my head. There are a lot of variables to consider. I guess it depends on the person and their prior history. I can’t help but wonder if I’d rally or fold.

Some strikingly human observations... leave a good tip.

Every single Calvin and Hobbes strip, November '85 through December '95.

Having numerous computers behind a home firewall/router, I've often used WhatIsMyIP.com to figure out what my 'real' external IP address is. It's useful when I'm giving someone FTP access or when the local DNS servers are fritzing out or when my wireless card keeps acquiring a legit external IP address and I want to make sure I didn't blow a big hole in my router firmware the last time I tweaked it. For semi-permanent access like VPN and Remote Desktop I use DynDNS so I don't need to know the IP address, but sometimes I just need the info quick and whatismyip.com does the trick. It's one of maybe 20 simple web utilities I use every week.

Well the (really quite) simple web utility just eBay'd for $386,100US. Wow. Somebody somewhere is pretty damn happy right now... for an investment of maybe a few hundred dollars, they really raked it in. The site gets over 1.7 million hits each month, with over 3GB/day bandwidth provided for free by Shanje.net in exchange for the most unobtrusive little adspace in the upper right corner. This is where it's at, now... the whole dotcom 'killer app' hunt fizzled out, but small free helpful little websites are making all kinds of money. Power to the people indeed.

There's a good chance that whoever bought it is going to totally fuck it up, turning it into a large page of ads with a tiny little box that shows your IP address. (Compare whatismyip.com to whatismyipaddress.com... which would you rather use?) They'll turn over a few million this year from Google AdSense hits alone, and they won't care if it dies out after that. Or, who knows, maybe they'll be discreet and do it right. If not, there are other options like IPChicken or (even better for scripting) checkip.dyndns.org, which returns a single line of text: "Current IP Address: your.ip.add.ress". If you've got your own webpage with CGI/PHP/ASP/SSI functionality, you can also just do this yourself... it's a one line script. Won't work on Blogger though :/

Hunter Thompson killed himself yesterday. Fuck.


"when the going gets weird, the weird turn pro"

It was pretty obvious the end was near when he started comparing Nixon favorably to Bush. I guess there are limits to how much fear and loathing even Dr Gonzo himself could take. What chance do the rest of us have?

The Onion's relevant headline: "Contemporaries Remember Hunter S. Thompson As Ravenous, Mutant 40-Eyed Lizard-Demon".

From an obit at Jackson Specific:

Turn on the television and listen to George W. Bush, full of braggadocio, ignorant or impudent in the face of reality. Hunter S. Thompson was a spirit of a true America, an America that right now feels very far away. Rest in peace, brave and insane soldier. We will carry on your work. We will aspire to your greatness. You cut a swath through a jungle of inequity. We follow behind, cursing the gnats.

Goddamn, these suckers're big.

I like to think he'd have enjoyed the way the headline turned out:


That's entertaaaaiiiiinnnnmmmentttt... cue the curtain.

Do your ideas for how to destroy the Earth seem out of reach? Perhaps you need to work your way up to it by studying the Top 100 Things I'd Do If I Ever Became An Evil Overlord for some inspiration.

If you've got the Shockwave plugin and a few minutes to kill, check out kaleido. It responds to mouse movements in an eerily fluid way; if you leave the mouse in the center it makes great mandalas.

1. Now that I'm on this funky diet everything I want to eat consists almost entirely of glutens, sugars, and/or fat. Mmm... donuts. No pizza? Wtf? How the hell am I expected to live without pizza?


2. Cardboard has several distinct nutritional and aesthetic advantages compared to the gluten-free breads I can get at the hippie store.


3. Maybe I'll make a pizza on cardboard. Or order a pizza and ask them to hold the crust.


4. Actually I shouldn't be eating tomatoes either. Or potatoes. Turns out they are mildly poisonous members of the nightshade family. Fuckers.


5. I'd already stopped eating most dairy products, but I'd found these nice Boca soy-cheese pizzas. That I now can't eat because the wheat crust and tomato sauce might be contributing to my general unwell-being.


6. If I had some ideology I was really attached to, I could just say this is a hunger strike. I'd demand better treatment for prisoners. And pizzas.

Bruce Schneier has more thoughts on the recent discovery of SHA-1 hash collisions that put the situation into proper perspective. As Jon Callas, CTO of PGP, says: "This is not a run for the exits, the place is on fire kind of situation... it's the fire alarm is on, this is not a drill, please move to the exits."

There is a lot of hand-waving going on about this discovery, so I took a deeper look at the math to find out what is really going on. SHA-1 generates a 160-bit hash from any message, from the letter 'a' to the entire Library of Congress. Since there are no restrictions on message length, there are an infinite number of messages... and unfortunately this means there are also an infinite number of messages that map to the same hash. Even though hashes like SHA-1 are used to validate the authenticity of messages, the situation isn't as bad as it seems because the vast majority of messages that map to the same hash will be garbage, or at least contextually unrelated to the 'real' message.

But what if someone found a way to generate a message that had the same hash as another? Suppose the real message is "IOU $100", and you use SHA-1 to digitally sign it... and then someone finds that "IOU $100000" maps to the same hash, and tacks your digital signature on to the end of the new fake message. The trust boundary has been broken, and every message becomes suspect.

Currently the situation isn't as bad as that... the recent discovery does not provide a mechanism for finding a new message that has the same hash as an existing message. It does show how to create two messages that have the same hash, but the term 'message' is used loosely here since the methods involved don't maintain contextual coherence between the two messages - there isn't an easy way to make the two messages both adhere to any specific syntax like the English language or bank transaction protocols.

Since there are 2¹⁶⁰ possible hashes (~1.46*10⁴⁸) in SHA-1, a brute-force attempt to find two messages that map to the same hash should take on average 2⁸⁰ (~1.20*10²⁴) attempts before succeeding. The recent discovery shows a way to reduce the number of attempts to 2⁶⁹ (~5.90*10¹⁸), or 2048 times fewer calculations. Reducing such large numbers by a factor of 2048 might seem insignificant, but suppose the new method allows someone to generate a collision in one day instead of 2048 days... there are a few computer systems in existence right now that can do this in ~2.5 days, versus 14 years doing it the old way.

The problem of creating a new message whose hash collides with another specific message is still way beyond the computational power that exists today... there are still infinities in the equation, and you can divide as much as you want out of infinity without gaining a thing. On the other hand, like the lottery, you could hit it on the first try. The odds are so astronomically against it that no one would bother trying - unless, like during WWII, there was enough on the line to justify the effort. Crypto buffs take for granted the idea that right now, given enough incentive, the government could build a system that could crack problems like this in hours... and that in a few years, computers will be so much more powerful that it wouldn't even require the resources of a country to do this. The trick is to make the problems more complex faster than computers make the solutions more accessible.

(The title is the SHA-1 hash of the sentence "if you can read this, SHA-1 is broken.", with some spaces inserted to prevent word-wrap issues.)

According to Bruce Schneier, "SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing." SHA-1 is a cryptographic hash function that keeps digital transactions 'safe', or did up until now anyway.

'Broken' means that researchers have figured out a way to generate hash collisions (I've written about these before). Which basically means that even though an attacker still can't figure out the original data whose hash is being used to provide security, they could theoretically come up with some other data that mapped to the same hash.

A computer generally doesn't store things like passwords and validation codes, because if someone got their hands on that info the security would be blown wide open. Instead of storing passwords, for instance, the computer stores a hash of the password. When you supply a password as you are logging in, the computer takes the password, hashes it, and compares the hashes. If they are identical, you are legit.

Microsoft's Xbox copy-prevention routines rely solely on SHA-1; most crypto applications use SHA-1 as part of a larger and much more complex algorithm. So for most things (like online $ transactions) this isn't anything to fear, it's just a chink in the wall that can (and will) be chipped away at over time until a true security breach occurs. By then everyone will have moved on to the Next Thing, whatever it turns out to be.

Wikipedia has a great info page on SHA-1 if you're interested in learning more.

On Tori Amos' official website you can play every song from every album she's released. You know. If you want to.

I don't even listen to her music, I just think it's cool that she's doing this. Makes you wonder about guys like Metallica who get their panties in a twist over filesharing.

... but he's too stoned to come to the phone right now.

Kaden Harris, whose desktop mangonels, trebuchets, and ballistae already make him a minor deity for me, is apparently a pretty useful guy to have around. Like when he MacGyvered this rather Jules-Vernian bong together for some friends.



Quoth he:

Total elapsed time from concept to completion: 11 minutes

Valu Village cookie jar

2 doorknobs, a low pressure expansion fitting, a high pressure ball valve, a 3/4" pipe union, 3 chunks of brass tubing and some lamp bits. The screen is a piece of expanded brass from the inner core of a chunk of heat exchanger pipe.

It worries me that I had all the components not just on-hand, but in plain sight. And not in the shop.

I don't even smoke, I'm just impressed by the creativity.

Lawrence Lessig (I've written about him before) on the absurdities of our current copyright laws, bands suing their customers, and why Wilco is the future of music.

"Music," [Tweedy] explained, "is different" from other intellectual property. Not Karl Marx different - this isn't latent communism. But neither is it just "a piece of plastic or a loaf of bread." The artist controls just part of the music-making process; the audience adds the rest. Fans' imagination makes it real. Their participation makes it live. "We are just troubadours," Tweedy told me. "The audience is our collaborator. We should be encouraging their collaboration, not treating them like thieves."

Lawrence knows what he's talking about... in the comic book that America has become, he's one of the few superheroes fighting the good fight. And Wilco... I'm sitting here in a 'This Mortal Coil' t-shirt blasting the Pixies on the headphones, thinking about how cool Wilco is. I've mapped a shortcut from Frank Black to Wilco, from "I break the walls and kill us all with holy fingers" to "I know you've got a God-shaped hole", that makes perfect sense. It might be another one of those water-heater things, but it works for me.

Bored amateur minion of evil finds a pile of graded freshman physics homework, pulls out his trusty red pen, and adds some commentary of his own before placing them back in the pile to be returned to the students. Hilarity ensues, as does that looming sense of terror that lodges in the student's nightmares. This terror will stay with them until the day they graduate... at which point it will be replaced by fear that they will be found to be a fraud.



In the peculiar (*cough* redneck *cough*) culture of the university I attended, the engineering students never sayed they got 'screwed' or 'fucked', they said they got 'dicked'. (Fuck, bring on the bizarre Google hits.) Usually this dicking was done by a clueless TA that knew maybe six words of English and even less about the subject material but was talented as motherfucking Zorro when it came to slashing points off our papers. When papers were returned to us it was common to hear someone say "I got dicked a point for that?"

Sometime in my junior year my friend Richard and I spoke of dropping out of engineering to provide much-needed niche-market office supplies. We'd only have one product: a fine, well-balanced red pen. We'd call it the Dictapoint.

In another life I dated a woman whose sister is mildly autistic, whateverthehell that means. She collected those little plastic jobbies that hold loaves of bread shut, and the plastic rings you tear off the tops of gallon milk jugs. A typical conversation with her went something like this:

Her: (humming for twenty minutes, then suddenly giggling)
Me: "What are you thinking about?"
Her: "Oh, you know... water heaters..."

On her own her autism was obvious, but she didn't seem too 'out there' when seen in proximity to her non-autistic sister. Which says something about the way small changes that make sense can accumulate until there's a steep reality gradient and things that would have seemed wacky from where you started make perfect sense, thank you very much. I think it's one of the fundamental forces driving this universe. A tautological Law of Conservation of Viewpoint.

Like that deal with frogs, where if you (I'm not advocating this, btw) throw a frog into a pot of boiling water (please don't) it will freak and jump out, but if you put it in a pot of room-temperature water and slowly turn up the heat until it's boiling, the frog will just sit there and cook. With me the 'heat' is some neurochemical imbalance being driven into instability by chronic pain, medication, the goddam psychotic tweetybird that is living with us for awhile, and plain old bugfuck stir-craziness.

I've been travelling a bit lately, in this sense. Surfing the reality gradient. One thing leads to another, and the next time I am 'conscious' I look back and wonder what the fuck just happened over the last few days... 'I' am having to reply to emails that refer to letters some other me wrote. I'm aware of it just long enough to get all paranoid about it, then 'I' get subsumed by the waves and start all over again. I am Billy Pilgrim, unstuck in time.

It would be nice to run into my old friend's sister again... I think I finally understand about the water heaters.

Every year at Burning Man I meet people who are missing ("no, I wouldn't say 'missing', Bob") the first days of the school year... Berkeley's year starts pretty early, and it seems many high-schools do as well. In addition to the culture shock this induces (transitioning overnight from Burning Man to being a week behind in school must *suck*) this is a problem because many schools un-enroll you from a class if you don't show up for any of the first three days, regardless of whether you intend to show up for the rest of the term. But they'll usually work with you if there are extenuating circumstances like a death in the family or something.

Apparently the students have run out of fictitious relatives to bump off, and a new excuse is needed for missing the first week of school. Or maybe not - it might just be easier to change the day school starts. So say the parents of many San Francisco burners, who are asking the school board to delay the start of the school year until after Burning Man. The school board ('The Man', as in 'damn the...' and 'stick it to the...') is expected to ignore the parents and rain on everyone's burn and start school the same day Burning Man starts.

Looks like poor old aunt Edith is going to have to go down for a dirt nap... again.

If you can wade through all of the legalese, it appears that this patent application submitted by Microsoft last week boils down to representing latitude and longitude in different numerical bases... such as base 60, which yields the degrees:minutes:seconds representation that has been used since the Sumerians came up with it around 3000 BC. Microsoft seeks to patent the usage of these numbers in URLS due to the prevalence of GPS devices popping up in phones, PDAs, and toasters.

It all depends on how you look at it:

Q: How many Bush Administration officials does it take to change a light bulb?

A: None.

There is nothing wrong with the light bulb; its condition is improving every day. Any reports of its lack of incandescence are illusional spin from the liberal media. Illuminating rooms is hard work. That light bulb has served honorably, and anything you say undermines the lighting effort. Why do you hate freedom?

[thanks, farkleberries]

Vinyl? CD? Cassette? Clay tablet? The analog-vs-digital debate rages on.

Boy, I'll tell you what, I sure do miss the analog warmth of the clay tablet.

Remember how distinctly not-plastic cave carvings were? What a drag! If you wanted to correct a mistake, you had to switch caves completely. Try getting a modern family to do that. "Hey, put down the Gameboy for long enough to walk to another cave, Johnny! Your dad messed up the parable of the deer hunt again." Fucking right! And marble... everyone makes a big fuss over the beauty. Don't get me started on that marble noise-- screw up a marble carving you have to go mine a fresh ribbon of marble, make a slab, buff it...

... or just buy a fucking bumper sticker. Everyone else is.