a glob of nerdishness

April 13, 2007

The wages of sin

written by natevw @ 12:41 am

Spam

A recurring scenario in science fiction involves humans making their machines more and more powerful until they are overthrown by them. Well, we are busy filling our online world with better and better Artificial Intelligence — designed to decide what is meaningful and what is not, what is good and what is evil. It seems that not a single open port or a single submittable form on the Internet these days can get away without some sort of AI to determine whether it is being greeted by a friend or foe. As a Christian engineering professor points out, spam is an expected consequence of sin. It should not surprise us that we must struggle with something like rampant spam.

Two approaches

The Internet revolves around two important nouns: bytes and addresses. All around us fly packets of data going from one point to another. The reasons spam is profitable are cheap data and rogue points. It’s efficient to send bytes across the wire and it’s simple to get an IP address. So if we plan to take on spam, then those are the obvious places to focus.

Bytes

Most bytes aren’t paid for directly. One buys bandwidth — a maximum rate at which bytes can be sent — typically on a subscription basis. How many bytes you get for your buck depends on how close to the limit you feed the pipes(1). A professional spammer buys industrial-strength bandwidth and milks it for all it’s worth. To make spamming less profitable, we could start charging more for bandwidth and the price of each junk e-mail would go up correspondingly.

However, that suggestion has a serious flaw. Spam is outgoing data(2). I think charging for outgoing data is abhorrent. The Internet’s current business model is already terribly skewed *against* the content providers(3). Byte-wise, spam is insignificant compared to what businesses like Download.com, YouTube, Google Image Search and the iTunes Music Store demand. If we raise the prices for spammers, we also raise the prices for non-profits like the Internet Archive, Mozilla, Sourceforge and sponsoring universities, Wikipedia, &c &c. Spammers are getting paid, not hoping for donations!

Addresses

The other obvious way to discourage spam is to tie an identity to each address. If you can trace the source, you can hold it responsible. This is some people’s worst nightmare, some citizens’ bad dream and some lawyers’ bread and butter. Needless to say, that method has privacy concerns that are beyond the scope of this essay. (Read: it might be a good solution but I’m not going there.)

Further drawbacks.

Both of these solutions would only provide more incentive for another rearing of sin’s ugly head. While some spammers spend their budget on big pipes, others use it to break into other people’s computers and send spam from there. This can be one organization with a fast connection, or a bajillion Internet Explorer users with normal connections. Increasing the cost of the pipes would only encourage more botnet-building research and development against vulnerable computers(4). I’d rather be stuck next to a shady neighbor with a mega-decibel stereo system, than one who has access to my, and all the neighbors’, volume controls!

Both of the obvious solutions have serious drawbacks. Those into politics are busy debating privacy, power and pricing. Those into programming are engaged in a battle of wits; whether to the death, the pain, or the world getting taken over by robots I can’t say just yet. I eagerly await for all things to be made new. But in the meantime, I think there is a way we can discourage spam, and I believe my professor is close to the right idea.

Further exploration

The problem is a double case of wrong perspective. As humans, we think of spammers shipping us barges full of toxic waste. In response, we do our best to implement port security. Humans are discerning creatures, so this might work in real life. But for a computer, telling the difference between toxic waste and the sacks of coffee that get us to work every morning is a hard problem.(5) The second perspective issue is much more subtle. When a barge full of dirty bomb material makes it through our port, we fume and feel victimized. We might even feel hate. We’re mad at the barge, we’re mad at the port it came from. We’re mad at our computer because it’s not competent enough to keep our inbox safe. But here is where the analogy breaks down. Spam is not motivated by hatred posing as zeal. Spam is motivated by greed. And capitalism is all about squeezing something good out of greed. I hope to explain in detail how I think we can exploit the tariff model, as well as exploring a number of side-effects, good and bad.


  1. …and whether said bandwidth is actually available or just some imaginary number that a marketing department made up.
  2. from the spammer’s perspective
  3. The better your content, the more bandwidth you will need to buy. This is just as true for non-profit organizations, and one reason even-over content hosting sites like Flickr, YouTube and Blogger are such good deals for the end-user.
  4. I.e., all of them. Vulnerability is a rank, not a switch that can be turned off.
  5. I suspect Bruce Schneier of having a reductionist view of humanness, thus, his paranoia about our nation’s recent security attempts stems from his incredible knowledge of computer security. Of course, there may reason for concern regarding Motherland Security due to experience with things such as history and human nature!

April 12, 2007

Senior Design

written by hjon @ 10:03 pm

As a manner of explanation for my lack of posts, here is some information about what I’ve been up to.

As part of my engineering degree, I am in the midst of a Senior Design project with two other engineers. We’re working on building an electric vehicle, using a frame from a Senior Design project done 10 years ago (they built a human-powered vehicle, so ours is intended as a next step). The primary purpose behind these vehicles is to reduce pollution caused by taking short in-town trips (tailpipe emissions are worst at a car’s startup, so a lot of short trips in town can be worse, pollution-wise, than a longer trip that allows the engine to warm up and reach its most efficient state). So these vehicles are intended primarily for commuting purposes.

Ok, I think that’s enough explanation for the time-being (if you want more, ask in the comments, and I’ll try to address it in a future post), but here are some pictures of the vehicle that we used for our basic frame.

Here’s a view of the human-powered vehicle before we took it apart (unfortunately, we had already removed the cargo area, so we don’t have any pictures of that):
Human Powered Vehicle (small)

Here’s a second view:
Human Powered Vehicle 2 (small)

Here is a picture of the frame after we took it apart:
Frame taken apart (small)

Finally, a close-up of the steering mechanism used on the wheels so that they tilt and turn:
Steering mechanism (small)

April 7, 2007

License options for those without legal departments

written by natevw @ 2:40 pm

Jeff Atwood has put together a handy chart of software licenses on his great blog. It lists only a few of all the software licenses known to man, but that’s just the point. What makes the chart especially handy is his choice of columns. Succinct “Source” and “License” headings help narrow a choice down, and the “Clauses” column suggests the amount of legalese you’re in for upon further investigation. It’s almost as helpful as the Creative Commons license builder(1), but for software developers.

For helping programmers to share their own code, the three Microsoft licenses (especially the two which have Open Source Initiative-approved cousins) seem out of place. All the same, I present for completeness a similar summary of the Apple Public Source License, version 2:

  • Source: Open
  • License: Permissive / Weak copyleft
  • Clauses: 13 with abundant sub-clauses
  • Gist: allows proprietary use of unmodified code, with patent and source code caveats on modifications.

Obviously not a great choice for new code(2). It’s a license Apple uses to voluntarily release the kernel code for OS X, and even they don’t use it for all their available sources.


  1. …though if I ever come across (or make) a page that puts the extra CC polish on the process, I’ll let you know.
  2. The wildebeest himself approves your use and contributions to APSL-licensed software, but doesn’t “recommend you…release new software using this license”.

April 2, 2007

Assembly primer

written by natevw @ 8:09 pm

I’ve been doing a lot of C++ coding at work lately, and sometimes the only “source” Xcode can show when debugging a compiled library is assembly code. Could knowing assembly language help debug C++ code? Short answer: no. There’s better techniques, and the assembly code often takes me closer to the machine (and the deadline) than I need to be in those instances.

Yet I’ve had a longtime interest in assembly code, for numerous reasons(1). Take this tiny piece of segmentation-faulting assembly:

call *8(%edx)

I had a hunch edx was a processor register (a “variable” of sorts), and sure enough Xcode’s debugger showed a 0 in the EDX register. “Call” then seems to say I’m trying to execute code from a bad function pointer that got written into EDX. But what’s with the “*8″, and does the ‘%’ mean anything special? Enter a great tutorial on AT&T Assembly Syntax, which happens to be what the GNU toolset, and therefore Xcode, uses(2). From that, we see that the percent sign is just a sigil that prefixes a register name.
The “*8(” part is a bit trickier. Under “Memory Addressing”, we see that a memory takes the form of “segment-override:signed-offset(base,index,scale)”. Don’t ask me what all that is, but it seems in our case we can simplify that down to “signed-offset(base)”. Lower down, we see that “Branch addressing using registers or memory operands must be prefixed by a ‘*’”. So it appears that this instruction says: Call the code that is located 8 past the address in the EDX register. Cool!(3)

It’s still on my to-read list, but if assembly language is interesting, you might want to check out Paul A. Carter’s PC Assembly Language free PDF book, geared towards assembly language from C. Let me know how it goes!


  1. …from the days when the processor was closer, and just wanting to know how it worked, as well as wanting to write über-optimized code, modify my GPS’s firmware and make things with embedded processors…with only an assembler and raw coder-manliness! Now that Apple uses x86 on their desktop machines, that’s all the more reason to learn
  2. To fully decode Assembly Language, you’ll also need a mnemonic reference for your architecture. The sig9 tutorial uses IA-32, which is has a good chance of being what you’re using.
  3. Or in our case, not so cool. Since the EDX register contains 0, this would call code at address 0×8, which isn’t our code. Thankfully, the kernel detects an address this messed up and puts a quick stop to the program. However, most of those worrisome “arbitrary code execution” security holes which Microsoft was particularly good at work using similar unexpected-address calls: a cracker finds a way to a) put some machine code into memory, and b) put a “call” into the list of upcoming instructions that will run said machine code.

March 27, 2007

Finger Upgrade

written by natevw @ 8:11 pm

Don’t miss bbum’s Magnetic Finger: A Sixth Sense. He describes how to make yourself sensitive to electromagnetic radiation using nothing but an old hard drive, a bit of bamboo and some coconut. (Which might help explain to my wife why I keep so much junk(1) around the house.) You could also follow the links, repeated here, to read more about the surgical inspiration for his adventure.


  1. that is, spare parts

March 20, 2007

Got Juice?

written by natevw @ 7:44 pm

I’m quite mad at myself for using one of the most annoyingly aped ad campaigns ever, but it’s too late now. Mike’s Electric Stuff is a site chock full of electrical and electronic hackery.

March 8, 2007

Oldies

written by natevw @ 8:23 pm

Thanks to Ned, I found Old-computers.com, which has apparently been around longer than when I put up a list of vintage computers that I was playing with circa 1999.

I’ve just finished reading The Autodesk File in original book form (although it is now available online) and this site would have been a great reference to all the early personal computers mentioned therein!

Perhaps my first memory of computers was playing Starblaze on my dad’s Tandy Model 100. I remember him coding Tic-Tac-Toe on an Apple /// that sat in my room for ages, which I eventually “networked” with a long serial cable to a TRS-80 Model III that found its way into another corner. Then came the CoCo2(1) years, where I would turn the living room into a dance hall by looping the screen through colors controlled by a pair of joysticks. Good times! I sometimes miss those days when the guts of the computer were just a PEEK or a POKE away. Instead of surfing through a googol of sites, most of what I learned in those days came from poring through one BASIC Program Conversions book(2).


  1. it happens to be the site’s computer of the day today
  2. …which my mom graciously found for me when the library discarded it at last!

February 27, 2007

On Lisp

written by natevw @ 7:13 pm

Found a particularly funny [xkcd] cartoon via Ryan Tomayko’s blog (which seems to have more interesting things on it and has therefore been added to “Interesting Sites”). Anyway, you might like Randall Munroe’s Lisp cartoon if you’ve ever read the continued praise of the nearly fifty-year-old language.

February 24, 2007

That’s one way of using technology in an unforeseen fashion…

written by hjon @ 8:52 pm

Two ways, actually. Here’s a story about a pianist whose albums have been discovered to be copies of other performers. How was this discovered? iTunes, of all things. Also, here’s a more in-depth analysis.

On the other hand, one could use SETI@home to find a missing laptop.

[both via Slashdot]

Blogged with Flock

Schroeder and Gibson on hard drives

written by hjon @ 2:00 pm

More on hard drives. Here’s a paper that won a “Best Paper” award at FAST ‘07. And a wonderful summary from StorageMojo. Schroeder and Gibson are from CMU’s Parallel Data Lab.

Blogged with Flock

« Previous PageNext Page »