BITS
![[site feed]](/blogger-feed.png)
abuse list subscription mechanism
7640 7CAE 83CD 3564 E095
17CC FCFC AA30 E578 6247
other blogs
Blogroll Me!
Currently reading:
Essentials of Programming Languages
The Origin of Concurrent Programming
Lisp in Small Pieces
ANSI Common Lisp
Introduction to Automata Theory, Languages, and Computation (1st Ed.)
My Amazon Wishlist
![[Powered by Blogger Pro]](http://saladwithsteve.com/powered_by_blogger_pro2.gif)
![[Valid CSS!]](http://jigsaw.w3.org/css-validator/images/vcss)
![[Join the EFF]](http://saladwithsteve.com/eff3d_sm_trans_icon.png){kind=icon}
![[explore my social network at blogdex!]](http://saladwithsteve.com/socnet.png)
![[verisign off]](VerisignOffTile1.png)
![[Made on a Mac]](MadeOn_blue.png)
(original template from glish. thanks!)
archives
current
saladwithsteve
Monday, March 25
03:16#
Sunday, March 24
You'd think that after coding Blogger for 10 hours that I'd have had enough programming for one day. Not true, I just tested my new xml-rpc interface via DrScheme using CapnRPC and wrote the beginnings of a client in scheme for the old Blogger API. You know how it is, you like programming but get tired of facing the same language troubles over-and-over so when you're fried on Java, you move to Scheme and feel better about the world and your place in it. You lower the hari-kari blade and bust out the cognac and cubans.
Tomorrow is another p2p-hackers meet, this time featuring dnm all the way from New York. He crashed at my place the first night he was here and yet somehow managed to avoid getting in the way of work. Grand Theft Auto 3 kept him busy. That and the World's Largest Pizza. That's not Dan and that's not my apartment but it is a big fucking pizza and that I gotta respect.
Virtual Machine Design and Implementation in C/C++ finally came out, I'm going to try and pick up a copy tomorrow before the meet. I've been spending about an hour a night reading various compiler books I have but none of them give more than small hints about more arcane details of virtual machine design. Mak's book, mentioned in a previous post, is the closest I've got. That and the Blue Book. Oh, and the Green Book is a fun read but a bit of a tease. worse than me.
tonight my hour was spent reading the Tiger book (Compilers in Java) with my downstairs neighbor alternately screwing very loudly and arguing very loudly at each other. Neither is more pleasant than the other. I just kept my mind on Symbol Tables... Symbol Tables, Symbol Tables, *SPANK* *OH!* D'OH!
Another Blog idea I had was one where various people posted interesting papers they've read recently.
03:19#
Wednesday, March 20
On the Design of Application Protocols is one of the simplest, cleanest papers I've read on the subject. If you have any interest in the subject, you should spend the 30 minutes it will take to read the 13 pages of this paper.
20:26#
Tuesday, March 19
Ev describes Sunday's first post as being "all-over-the-map". Yeah, I hadn't posted in nearly a week and my brain burst.
I had a few ideas for new blogs:
The Bullshit Blog: A community moderated blog rating other blogs on how full of crap they are. First on the list is William Shatner's pile o' poo. I'm convinced he doesn't even write it so he gets 5 out of 5 turds. Seeing the William Shatner's Publicist blog makes me wonder if blogs are the next Guerilla Marketing tactic? Let's hope not.
The Bookmark Blog: A sidebar blog (similar to BoingBoing's Guestbar blog) for keeping links that are worthy of sharing but you don't want to spend an entire post talking about.
12:08#
Sunday, March 17
Too wonderful to not share:
Drew's paintings:
- "World of Butter"
- "BLEGHHH how did i manage to eat a ladybug" and
- "slashing your throat with the pink slip you just gave me"
Oh happy day. 20:45#
Something I failed to mention regarding using a webserver's built-in HTTP Authentication for the metaWeblog API is that the API isn't designed to be exposed in a particular way. If you choose to only use HTTP Authentication, then you lose transport independence, and you can't really expose it via SOAP. XML-RPC, even though not explicitly designed to be transport independent has none-the-less become so as we see XML-RPC over SMTP and XML-RPC over Jabber. I would really hate to lose transport independence for the sake of laziness. 20:04#
Wednesday is my scheduled day of Salvation. Speakeasy brings in my 1.5M sDSL that day. They were trying to sell me a T1. It's only twice the cost of sDSL and provides lower latency plus i'd be higher up the customer service chain supposedly. I politely declined.
I recently picked up Ronald Mak's "Writing Compilers and Interpreters: An Applied Approach Using C++" along with "Rethinking Public Key Infastructure and Digital Certificates". Don't be afraid of the first title, it's merely C-with-classes and the occasional cout but that's the extent of the non-ANSI C in the text. I'm really only interested in section 2 about building runtimes since that's where my knowledge is the thinnest right now. The PKI book should be interesting since the author is a heavy advocate of people issuing their own certificates. Rock on.
Yesterday was the third time in two days that I talked about forward secrecy in SSL. I think it's an important topic so I'll reiterate: Your data is not very secure with an average SSL connection. In a standard SSL/TLS connection, your data is encrypted with the same key as the next guy's data and will be encrypted with that same key until their key expires and they generate a new key.
Let's say that somebody, the Mob for example, sits on (or near) XYZ's network and keeps a copy of all (or just a lot) of the SSL traffic that floats past. Next, they break into XYZ's machine and steal a copy of the key. That key is then used to decrypt all the captured traffic. Anybody who sent their credit card to XYZ would be in for a world of hurt. A forwardly secret cipher would re-key every seperate connection so that even if the Mob were to have a copy of all that traffic, each session would be as impossible to crack as the next one. Not only does rekeying happen frequently (every seperate connection to the server is rekeyed) but the new key is flushed after the connection has ended. There's simply no key for the Mob to steal that would decrypt even a single session, let alone all sessions. Pretty spiffy.
Forward secrecy isn't for everyone, as always there are trade-offs: Rekeying every connection can be expensive but if you handle sensitive information, then you should bear the brunt of this expense.
In case you're wondering, a FS ciphersuite isn't the default in the SSL webserver I run since nothing particularly sensitive passes through. I do allow for a FS cipher so you can use one if you so choose but I've yet to see a web browser allow you, the incompetent and ignorant user, to choose your own ciphersuite. Also, I do send my credit card digits via non-FS'd connections but I have good credit card fraud protection and keep an eye on my accounts every month. That may not be enough but I somehow find a way to sleep every night despite the scary internet boogie men.
I.m.orchard (via Ev) asks: Why not use HTTP Authentication for the weblog API?
The reason not to use HTTP Authentication in the weblog API is mainly identity management. Unless you tie the API implementation into the webserver, you have no way of knowing which user is accessing the restricted resource, you'll only know that somebody on the list of allowed people is viewing, no HTTP header exists to tell you who is authenticated. So if the API is only going to be accessed by a single person, then there's no reason to not use HTTP Authentication.
I think HTTP Authentication is decent to model the metaWeblog API authentication from, as long as you allow for a negotition of the ciphersuite involved when using Digest mode just as you can negoitate your ciphersuite in SSL/TLS. Just using SSL might be a good enough answer.
Ok, that's enough technobabble for now.
On a more political note: Is it just me or is the new Left actually not a whole lot different than the new Right besides a few leanings towards humanism? I know I'm not the only person to note this. Bukowski once said: "Those who scream for peace - they'll be the ones who murder you in the end." and it seems to me that the '60's Left are split into two groups: the new Big Brother or the ones that live in the hills of Marin County growing weed as a cash crop. I suppose it was more evident during the last two Presidental terms but beyond the uppity-ups, the new Left has remained at the reins. I've noted this through various people I know who work in local, state, and national government, from the welfare, to corrections (prisons), to watchdog arms (EPA, GAO), the conservative hardliners retired and moved aside for the political ideologists of the 60's, the deadheads, and all those reformists who preached so strongly that they had a long road ahead.
How did it turn from free-wheeling happy-fun-time to Clipper chips, state-sponsered classism, corporate welfare, and national ID badges (GWB isn't the first to spout off about national id's)? Power corrupts? Old age promotes cynicism? Reality TV? I don't really know but I'd like to find out.
Should we look back to the '20's Left? They actually accomplished things that have changed our society for the better: women's sufferage, better treatment of the working class. Neither was a small amount of work.
Maybe someday the "right wing" working class families of America will wake up and realize that they have more in common with the old left than the new right. According to Proudhan, it's doubtful but I have more faith than that. Somebody could repackage Emma Goldman for our decade, give her a "Taking Back Conversativism" slant, and feed it to the masses. It's so insane, it just might work.
On a musical note, Propaghandi's songs read more like Letters to the Editor than traditional music. Case in point (and this song was published months before 9/11):
Four more years of war is peace, ignorance is strength and slavery is freedom. Four more; may all your interventions be "humanitarian". Four more years of legalized bribery and served corporate interests. Four more years of pay-to-play politics, power and influence. So vote for tweedle-dum or tweedle-dee and a framework of debate narrowed for you courtesy of the ultra-rich and a media that filters out any voice that challenges their power. Like Nader bounced in Boston by State-Troopers because he don't speak for oil-tycoons and bankers, whose pursuit of happiness and liberty demands a rhetoric of fear to be the litmus-test for viable heirs to the phony drug-wars, the trumped-up rogue-states, the permanence of a war-economy.I feel less hopeful and less human as I'm reduced to nothing more than cheering on embassy bombings as the liars pave their way through four more years...
I find their latest album title, "Today's Empire, Tomorrow's Ashes", oddly inspiring. It reminds me that like every Empire before, ours will end eventually and maybe we can have a hand in what comes next. We haven't seen much that has worked: Plato's warrior-king ideal failed us, Marxism mutated into a self-hating State obsessed with killing it's own citizens, our beloved Democratic-Republic at least places value on it's own people; slaves are worth more alive than dead but it takes the opposite view of non-citizens. Orthogonally, large societies have always excelled at transferring Quality-of-Life from it's lowest citizen to it's highest. Something tells me that wasn't the original point of Society but it's become it's major side-effect. I somehow doubt that when Grog asked Ughh and Mubb if they'd want to work together in growing some crops that he figured Mubb thought "Damn, I could make a killing on these two suckers!"
I recognize that my quick anecdotes are somewhat unfair. I wouldn't be alive today if it weren't for the medical technology that perhaps only a large society could fund research for. See my point above about slaves.
So I can't help but ask: What is Next?
Ok, enough vague ponderings, I have serious work to take care of. 14:56#
Monday, March 11
I removed the CSS at the request of.. everybody. 18:26#
My site has been looking strange lately, i've been fiddling with CSS. Check it out in OmniWeb. Maybe that should be my site; No text, just cubism.
I received my Safeway.com order earlier. I'm impressed, everything was there and the produce was good looking despite the extra-green bananas. Today was the first day they were delivering in San Francisco.
The driver told me that there's a store at the very end of Fulton, about 30 blocks down, right across the street from the Ocean (No, it's not a club, it's the Pacific). That must be new because I don't remember it the last time I was there. That was late 2000, when I took my folks hiking the 40 blocks across Golden Gate Park, showing them the buffalo, the museum, the tea garden, and the carosel. Carosel. That word always makes me think of Logan's Run but I'm really not that old.
I might have the E paper finished before I go to bed tonight. I've been really careful with the wording as well as paying a lot of attention to the various critiques I've received. Finishing this paper is pretty important to me, I just need to find time around work and my home life.
MarkM was kind to include me on the page for the new E distribution. Zooko and I put on the costumes of simplistic Object-Oriented programmers and tried to figure out how those people would feel about E's class keyword. It's being deprecated as a result.
Unlike stevek (the beginner facet of me), the Maker pattern no longer troubles me. It's grown on me. I'd still like to hear the history of Maker patterns, as they aren't prototypes as far as I can tell (but I would have a hard time enumerating the differences) and they certainly aren't classes. On paper they're considered descendants of lambda calculus but what isn't?
We watched Alias last night and all I could think was: "when did this show turn into the X-Files?" I prefer skimpy costumes and ass kicking over wild-eyed Nostradomus-a-like prophecies. Please ABC, give me a break.I watch so little Television, I was hoping it didn't all suck.
I need to call speakeasy and try to run the gambit again to get my DSL service moved here. I don't know why this is so amazingly hard, I've been trying for weeks. If I could, I would just switch to PacBell but I'd have to pay speakeasy for the rest of my contract and at sDSL rates, that's not cheap. 13:42#
Dear Mr Jenson , Thank you for ordering at Safeway.com. We are delighted you took the time to register and to shop with us. Your order is confirmed below and is scheduled to be delivered on [...]How sweet it is. 02:01#
Sunday, March 10
I'm spending today trying to finish my E paper.
I also had an idea about a very lightweight content management system that would allow me to easily edit, create, and delete documents using my own editor of choice where document names aren't handed back but a swiss number to change that document is. This would just be for basic HTML and text pages, not arbitrary mulitmedia content. I imagine it in Python exposed via XML-RPC over CGI over SSL. For something that's not used frequently, I can't see using XML-RPC over CGI having any serious performance penalties. I even found a library that already implements XML-RPC over CGI.
I am really hating dial-up life. 15:23#
Saturday, March 9
I'm at the Osuny west coast users meeting and waiting for openssh to finish building. good times.
The move went pretty smoothly, I've settled into my new place well. openssh sucks, it won't talk to my openssh client that's one sub-version below.
more later. 21:47#
Monday, March 4
I'm signing off until Wednesday. See you all on the other side of the bay! 19:00#
Friday, March 1
I find this picture on AaronSw's site of Tim Berner-Lee's NeXT cube strangely inspiring. The fact that's it's nearly the clone of a machine I had in my bedroom just two years ago is somewhat odd. In fact, you can still find a cube on ebay.
Stacy has some constructive criticism about the camera shot: Holding the camera from the bottom instead of the side makes for a steadier picture. Still, a very cool picture. 23:05#
I've been exceptionally busy with work, moving plans, and packing. I'm halfway done packing and I still have 5 days until I move. Gas, Power, and Phone will be waiting for me. DSL will eventually arrive.. Hopefully one of my friends will host this machine while I'm wandering in the dialup wilderness.
I don't honestly know how dan moniz does it, he's been functionally transient for longer than I've lived in the Bay Area. Not that he lives in a cardboard box or anything although maybe he would feel better off that way. At least it'd be his own cardboard box.
I'm both excited and kind of sad. This will be my 7th move in 5 years. It was fun for the first 2 years but then I quickly became tired of the dehumanizing effect that packing everything you own into a few boxes has. Now those few boxes have turned into nearly 20, most of them books or computers, the rest of it just clothes. I'm ready to live somewhere more than 8 months. But I don't know if this place I'm moving into will last me more than the year lease I signed up for. It really depends on if I can squeeze a writing desk into the bedroom, if I can get a new fridge in there, and if I can rig some easy-access steps to the adjacent roof. It's those small things that make up for the deficiencies of the place, which I won't enumerate for social and political reasons. There's also the issue that when Stacy and I decide to live together, it can't be in a one-bedroom. there's just not enough room.
When I said that the rest of my stuff is clothes, I think I should point out that I'm not a fancy dresser. US Bombs or OpenBSD t-shirt and work pants make up my Sunday best. One of my friends used to call it my uniform. It just makes everything easier. That black, green, or blue shirt will always go with those blue, green, or black pants.
At least I think I've finally gotten pretty good at packing. Last year I was still packing even while the moving guys hauled crap out of my apartment. This time things will be a lot smoother. Despite it all, I'm more excited than sad. Maybe it's my own sort of micro-wanderlust. Or maybe I've just given myself over to a functional mini-transience until I own a house or my own paraffin-covered box on Market Street.
Darius! Thanks for your excellent critiques of my E paper, I will respond to you before I start incorporating.
I taught myself a good deal about Ruby while eating a sandwich. It only took about 15 minutes to figure out most everything I needed to know. Well, everything I need to know before actually _writing_ anything in Ruby. My first impression? It reads like Perl with an unfucked object model. I can't tell if that's good or bad yet. It all depends on how impressed I am with their class methods, available libraries, and runtime behaviour.
Speaking of the bombs, here's just one little reason out of a million that I have a kick ass girlfriend: Last year for my birthday she gave me an early present of their new album. And for christmas, she found me a copy of Michael Abrash's Graphics Programming Black Book, something I had never been able to find. 03:10#