jducoeur: (Default)

Since I know that a lot of my friends are security-conscious, and might be using it, I call your attention to this article in Ars Technica about the messaging service Confide.

The implication I'm getting (based on these reports, and what Confide itself is saying) is that Confide isn't secure -- and that isn't a matter of bugs, it's that the architecture is fundamentally broken. Indeed, I have to wonder if they even understand what "end-to-end encryption" actually means. I particularly call your attention to a couple of details:

  • One of their brags is their "code obfuscation". Never, ever put any stock in that. Code obfuscation basically means they have made it very slightly harder to figure out what's going on, and it's basically waving a red flag in front of hackers, going "Break me!".
  • They basically say that nobody except themselves could listen in on your conversations. That basically means that there is no end-to-end security. True end-to-end security means that nobody, including the service itself, can do anything with it. One of the signs of a good service is often when they say something like, "Don't forget your password, because if you do, you're out of luck -- we can't help you". Anything other than that means that they have backdoors, which can be exploited.

It is possible that Confide could fix all this -- but I wouldn't count on it, because like I said, these are fundamental architectural issues. End-to-end security is hard to do well, and it imposes real limitations on what you can do...

jducoeur: (Default)

I just came across this marvelous essay on the SCA fun/authenticity false dichotomy, and a different way of looking at it. It was written some years ago, but is still worthwhile reading for any SCAdian. (It's from Tibicen, who some of you might remember from days of yore.)

I totally agree with the philosophy here: while I'm pretty indisciplined about it, I'd say that "atmospherist" nicely describes where I think the Society is at its best, and I think we still hamstring ourselves by under-emphasizing it. Indeed, while I've often thought of myself as a "funnist", I've always been clear that the distinctive fun of the SCA -- what makes this club particularly fun -- is the atmosphere...

jducoeur: (Default)

It occurs to me that not everyone has yet come across the Twitter feed of Donaeld the Unready and associated accounts. There is a growing collection of these, all interlinked from different viewpoints, and they are particularly perfect for the SCAdian -- of-the-moment political satire, all framed in terms of Anglo-Saxon England. I think my current faves are the political tapestries of Wulfgar the Bard. Check it out...

jducoeur: (Default)

I just got an email that looks, for all the world, like an attempt to make a hotel reservation. The English is fairly atrocious, and it appears to be bcc:'ed to me, but damned if I can figure out what the scam is here -- there are no links, no requests for me to send anything except a confirmation and the cost to put up 10 people in mid-May.

Mind, I still figure it's a scam -- some long-play attempt to get at my personal information or something like that. But I will admit that this could just be someone who is very, very confused...

jducoeur: (querki)

What I set out to do: add "Unsubscribe" links to the bottom of all emails sent from Querki, so we properly comply with CAN-SPAM requirements.

What I find myself doing: implementing not just Guest Mode (the long-long-desired ability to use a Querki invitation without having to become a member), but today implementing Shareable Links (because Guest Mode lets me do so with adequate security, and there are a pile of great use cases enabled by it). Yes, those are both sequiturs from where I started -- building proper "Unsubscribe" requires having a concept of Identity for an email address, and the ball of twine started rolling away from me as soon as I got that far.

They're great new features, and should make a ton of use cases much more usable. But man, this is not what I had expected to be doing with my week...

jducoeur: (Default)

(Rant mode on)

Seriously -- WTF, Google? Google Contacts is perhaps the most unusable piece of software I am forced to use, and it exemplifies everything that's wrong with Google as a company. They forced me into this idiotic "Contacts Preview" UI, and years later it still fails to fulfill the most basic functions of a contact list.

(Yes, I could abandon Google Contacts -- all I have to do is abandon Gmail. Suffice it to say, that's a tall order at this point, although I may eventually be pushed into it.)

The one that always burns my butt (which I just hit again, which inspired this particular rant) is the fact that there is no way to say which email address to use for someone in a group. Google loves nothing more than to combine your contacts, so that instead of having four contacts for four email addresses, you have one contact with four email addresses. But you don't put an email address into a group, you put a contact into a group, and AFAICT there is absolutely no way to say which email address you want for this particular group.

My impression is that it simply always uses the first-listed email address for that contact. But AFAICT there is no way to re-order the email addresses, short of erasing and retyping them! (And of course, in typical Google fashion, they completely ignore the fact that different groups might be different contexts, and call for different email addresses.)

About every six months, some recruiter from Google tries to lure me in. I try to be polite, but this sort of crass incompetence keeps leaving me feeling like I would never want to work for a company that would put up with nonsense like this. They're the anti-Apple: as far as I can tell, they simply don't care about the user experience enough to put the slightest damned effort into it. As far as I can tell, I would find working there to be incredibly demoralizing.

(Or, I suspect more precisely: they don't care enough unless their corporate case of ADD has latched onto this topic right now. In which case it gets huge attention until the company gets bored, and wanders off to pay attention to the latest shiny, dropping all effort to make the existing software function right.)

Folks constantly ask me whether they can trust Querki, which after all is a much smaller company than Google. This is my heartfelt rebuttal: while my resources may be slim, I care passionately about making Querki as good as it can be, and supporting the users. I don't think you can say that about Google for any products except search and advertising. Everything else is just another Technology Preview, to be pushed for a little while and then abandoned.

(Rant mode off)

As to the question at hand, I eventually found this article. The secret turns out to be contained in the comments down there: if you scroll the left-hand bar way down, and open "More", you can abandon the goddamn Google Contacts "Preview" (never mind that it's been the status quo for years), and go back to the old, ugly but actually functional Gmail-style Contacts. That UI actually works -- there is a way (easy to use, although with crappy affordances) to say which email address to use for a given group for a given Contact.

Which I guess just underscores the point. Google got distracted by a New! Shiny! UI!, pushed everyone into it, and then lost interest and never actually finished it. So the old UI is still hanging around, for those of us who care more about a product that works than one that follows the latest visual-design guidelines...

jducoeur: (Default)

It occurs to me that many of my friends are the sort of geeks who like to provide feedback to their sites, and some are (like me) new enough to Dreamwidth that they may not know all the ins and outs yet. So if you are that sort of person, you might want to check out the [site community profile] dw_suggestions community. This is the discussion group where suggestions to the site land -- it allows DW members to vote and comment on those suggestions.

(NB: not all suggestions land in the group. They go through them manually first, reject the no-hopers, and add the ones that sound clearly right directly to the issue tracker. I was pleased that the one suggestion I've made so far -- an improved UX for Markdown entries -- was one of the latter.)

Anyway, it's an interesting little group, and I find it helps me better understand the site. If it sounds up your alley, check it out...

jducoeur: (Default)

For the relatively serious programmers, I commend the article Asynchronous Programming and Scala. It's somewhat dense stuff, and as written is entirely in Scala, but the principles are pretty generic. It's all about how to think about asynchronous programming, and makes some important high points:

  • Asynchrony is not the same thing as Parallelism, although they are closely related.
  • Callbacks are a wretched way to deal with async, since they don't really compose. (I have learned this one through much pain.)
  • Futures and Promises are less wretched, but still problematic.
  • If you really want to do this stuff right, proper functional-programming techniques rock.

Of course, this is largely a rationale and advertisement for the Monix Library, which is a more or less state of the art library for "doing it right" -- but it's a pretty compelling rationale.

None of this is easy: he's summarizing stuff that's taken me four years to really internalize. (One of my medium-term but relatively challenging goals is to rewrite the pipeline for the QL language inside Querki from being Future-centric to Monix-centric: the result would be vastly more efficient and reliable.)

But it's important material, especially if you're designing systems. I encourage you to read and absorb it. Feel free to ask me "what the heck is that bit talking about?" questions, or even questions about the syntax and functions in the examples -- I always enjoy burbling about programming in general and Scala in particular...

jducoeur: (Default)

This one's just for the programmers/architects, and mainly for the experienced ones: Things I Wish I Knew When I Started Building Reactive Systems.

The more you're used to building traditional Tomcat-plus-RDBMS applications, the weirder you're going to find this, but it's well worth reading and absorbing. It describes a few of the assumptions underlying modern, scalable, so-called "reactive" architectures, each of which gores one of the traditional sacred cows you're probably used to. What it all boils down to is that it's entirely possible to build seriously efficient, seriously scalable online services -- you just have to change a lot of well-worn habits.

(Querki is built around all of this stuff, except that I still have some blocking I/O in the MySQL code; replacing that with a better approach such as Slick is becoming an increasingly high priority.)

And this reminds me: among other things, it links to the paper Life Beyond Distributed Transactions. If you're playing at the Senior Software Engineer or above level, this is one of the most important papers of recent years, and you should read it if you haven't already done so. It was the paper that finally demonstrated that the emperor has no clothes: that the traditional transaction-oriented model of data processing doesn't scale well, and that you need better approaches if you're going to compete in the modern world.

For all that it calls itself "An Apostate's Opinion", it has become something like the new gospel. It has inspired enormous ferment and evolution over the past decade, and led to radically new architectures (such as the event-sourced approach that Querki is now mostly built on). If you are doing architecture for systems that are intended to scale, you need to understand this stuff in order to understand how the industry is evolving...

jducoeur: (Default)

Laurie Penny is a journalist who has, in recent months, been following the Milo Yiannopoulos National Crassness Tour. It's made for delicious reading: she is utterly unsympathetic to Milo, but as far as I can tell he's enjoyed having her around as a sparring partner, so she's gotten to see what the whole shit-show looks like from the inside.

Her most recent post (which I suspect may be the last in this particular series) is especially fascinating, and well worth a read. It follows the Milo story over the past few weeks -- from the Berkeley riot to Milo suddenly becoming a Conservative un-person due to finally crossing a bridge too far -- and reflects on it.

The bulk of the article is not about Milo, and that's part of what makes it so interesting. Rather, it focuses primarily on the idiot children who have been following him around -- the GamerGate-type alt-right groupies who've been treating him as some sort of prankster-god -- and how completely incapable they are of coping with a world in which their side has, for now, won. She gives a sense of who they are as people, without even slightly forgiving them for what they have done.

Along with that, she makes a point we should be remembering and echoing: that the sudden crushing of Milo lays bare the hypocrisy underneath the right wing's cloak of First Amendment rights.

Not a short article, but highly recommended. She's a fine writer and analyst, and this is a great corrective to our tendency to see the right wing as some monolithic and impregnable fortress of evil -- quite to the contrary, she shows just how fragile some of them are, and in the most terribly practical sense that's worth understanding from a tactical perspective...

jducoeur: (Default)

Oh, and a quick note for any fellow DW newbies who didn't read the recent release notes (which is where I found out about it): it turns out that Dreamwidth supports Markdown format! If you start you post with a line that just says:

!markdown

the rest of the post will be interpreted as Markdown.

Obviously, this isn't so important if you don't know or like Markdown. But it's my wiki syntax of preference (Querki's own QText wikitext is a dialect of it), and it's the format I use automatically, so I find it very convenient. It makes things like links easier, and allows you to use the same at-name syntax for referring to accounts that every other social network now uses. If you like this approach, take due notice of its availability...

Bagels

Feb. 16th, 2017 01:24 pm
jducoeur: (Default)

On a lighter note: while I don't entirely want it to be "discovered", the good stuff should be publicized.

While Boston isn't New York, we do have ongoing discussions about where to find the best bagels. After six months of patronizing the place, I now have a clear favorite: Bagelsaurus in Porter Square. (I assume the name started as Bagels 'R Us, but that's just a guess.)

Of course, bagelology is a highly subjective field, and not everybody is going to agree. But Bagelsaurus has a lot going for it:

  • A fine variety of flavors, including most of the traditional favorites. (Onion, Pumpernickel, Everything, Salt, etc.)
  • Remarkably generous toppings: when I buy a six-pack of Everythings, I wind up with a considerable puddle of toppings that have fallen off in the bottom of the bag, and they still look utterly covered.
  • Bagels are large -- not insane, but a generous lunch.
  • Bagels are light -- not the horrible white-bread-pretending-to-be-a-bagel that you sometimes see, but not the typical lumps of lead either.
  • Bagels are well-finished, and wonderfully crisp when toasted.

They also make a variety of tasty-sounding bagel sandwiches, but I always get them takeout to make at home, so I can't speak to those.

There are a couple of downsides to note:

  • Their Onion bagels are the onion-on-the-inside variety, not the onion-on-the-outside that I prefer. (This is a matter of taste.)
  • They can get crazy jammed at lunchtime, especially on weekends. Be prepared for a line if you arrive after noon.
  • They start selling out of flavors during the lunch rush, so if you have favorites, get there before noon.

Overall, though, they're the best bagels I know this side of NYC, and better than most New York bagels I know. More or less my platonic ideal. Check it out...

jducoeur: (Default)
On the scarier side of things, here's an essay that nicely puts all the pieces together -- essentially arguing that the blizzard of chaos coming from the White House is largely a distraction while they set up far more dangerous plans. Once again, I can't say for certain that this *is* what's happening -- but it's very consistent with what we can see so far.

Read it, and pass it around: seriously, it's important for as many people as possible to be alert to the signs. With any luck, this will be a Y2K moment -- a disaster that never happens. But as with Y2K, I suspect the only reason it might not happen is because enough people know about it, are prepared for it, and are preventing it.

I also concur with the implication here, that the Problem increasingly appears to be Bannon. Trump still appears to be a chaotic moron, but he's likely being manipulated by someone with a far more coherent and dangerous agenda. Getting Trump out of the White House isn't as immediately critical as getting Bannon out. So the question becomes: how do we, the people, get the point across to Trump that he is being *manipulated* by Bannon? That seems like the most effective way to neutralize Bannon -- Trump's ego is a mighty force, and convincing him that he is perceived as *weak* because of Bannon seems like a potentially good tactic...
jducoeur: (Default)

For the past week or two, Chrome has become surprisingly unstable -- it's been crashing on me about once a day. Weirdly, it is usually when I'm not using it that it crashes: typically, I wake my computer from idle and find that Chrome has gone splat.

Anybody else seeing anything like this? I'm mystified about where the problem is.

(And man, it is wonderful to know that DW now supports Markdown. Hadn't even occurred to me until they mentioned it in today's update. The custom entry URL thing is pretty neat, too...)

jducoeur: (Default)
(Warning: diary ramble ahead.)

Intercon was scheduled a couple of weeks earlier than usual this year -- our experimental hotel last year wasn't great, and by the time we found our new site, the only options were this weekend or Easter.  So this year, I got to spend my birthday (yesterday) in high-intensity LARPing.


Let me say first: the new hotel rocks, and I hope we develop a long and fruitful relationship with it.  My initial reaction on hearing about it wasn't so positive -- the only thing I know about Warwick, RI is that it's the home of a certain Ducal pair of my SCA sibs, so I was basically going, "The Crowne Plaza in Middle of Nowhere, RI?  Oy."  I will state for the record that I was entirely incorrect in this -- Warwick is just far enough from downtown Providence to not be "city", but otherwise close.

And the hotel itself was great.  It's *huge* -- we had plenty of space, and didn't even rent the large Grand Ballroom wing.  It's well-furnished and comfortable, and not terribly expensive.  The service was top-notch: friendly, efficient and businesslike.  Even the concession food didn't entirely suck (which is about the best one can usually ask for in concession food) and had surprisingly excellent cupcakes.  So yeah, it's an hour away, but we should totally stick with this place.


Due to the storm, I missed the Thursday evening programming; I skidded in just before the roundtable I was moderating at noon Friday, "Playing to Enable Others" -- basically a session on how to be a generous player.  It was a bit of a BS session, much of it devoted to discussion of what the parameters of "generosity" were in the context of LARP, but it was a pleasant chat.  And I stuck around for the following discussion of "Plotting by the Seat of Your Pants", which gave me an excuse to relate a good war story or two, before striking out to the nearby shopping mall in search of pale blue sparkly nail polish.  (Give it a minute, and that'll make sense.)

I didn't play any games on Friday evening, opting instead to spend a few hours pulling Ops duty.  I'll have to remember for the future that Friday evening Ops is *fun* -- it's exactly the kind of high-intensity whirlwind that I always enjoy, answering questions, giving directions, checking folks in and all that.  I might have to make a habit of that.


Saturday was All LARP, All the Time -- I started running about 8:30am and didn't finish until about 11pm.  I played in three games, all good.

First up was Librarian and Catalog.  I can't go into *too* much detail without spoilers, but the public blurb sums up the high concept well: "The robot Librarian.  The damaged computer Catalog.  An alien artifact.  A chance to confront yourself -- again, and again, and again -- amid the collapse of parallel universes."  16 players, all playing The Librarian.  My version was "Scornful, Disciplined, Ruthless" (Librarian tR), and it was just the kind of focused, intense, totally-not-me character I was looking for.  Suffice it to say, the game is weird but fun, a bit slow to start but well-paced, and high in player agency.  Recommended if it runs again.

Saturday evening was The Inversion of Me and My Room, which I've been hearing good things about for a couple of years, so when it appeared on the schedule a few weeks ago I transferred to it.  I can say *very* little about this game, but suffice it to say it is *spectacularly* weird, trippy and dark, an iconic All The Feels game.  Recommended, but be prepared to throw yourself wholeheartedly into the emotional wringer, and don't expect things to make too much sense before endgame.  (For those who know the game, I played Helmer (family).)  It did leave me with a desire to finally rewrite my game Shards of Memory, which is in the same general category.


The high point of my weekend came in the middle of the day, though.  I had put Librarian and Catalog as my first-choice game, and therefore missed getting into Cracks in the Orb, the Dragaera game.  I decided to wait-list myself for it, and that finally paid off last Monday, when I got in.  For those who know the Dragaera books, Cracks is set something like 500 years before The Phoenix Guards, and includes younger versions of some of the characters from The Khaavren Chronicles.

For those who don't know the series, suffice it to say that the Khaavren Chronicles are a fantasy pastiche of Dumas, specifically The Three Musketeers.  The game follows that, although it also pulls in pastiches of a variety of novels of that vintage.  (Sadly, I can't say which novel *my* character was a pastiche of without major spoilers.)

Anyway, the game was a complete hoot.  My character, Fotheringil, was a foppish Tiassa (with more than a little Khaavren in him) who is a member of the Empress' personal guard.  ("Foppish" -- hence the nail polish, which is actually mentioned specifically in his character sheet -- light blue and white are the house colors of the Tiassa.)  He proved well-connected, and central to one or two major plots.  It's well-written and deep stuff, although I did wind up feeling for the players of my own games -- Lise (the primary author) is every bit as fond of deep biographical character sheets as I am, and the game is *very* intricate, with all sorts of major bluesheets and mechanics, so I had four days to absorb about 30 pages of fairly dense material.  If I didn't already know the source material, I might have had real difficulty with it.

ETA: for added fun, one of the major mechanics in the game is Social Dance (which allows you to remove the stain of Dishonor, and gain insights into your dance partner) -- which is represented by dancing, in this case the Belle Qui Pavane.  I offered to teach it, and pointed out to the GMs that it would be *totally* in-character for Fotheringil to teach everyone this new, fashionable dance form.  So I wound up teaching the dance in-character, and called it each time it came around.

But it was great fun -- I achieved nearly all of my game goals, including getting the girl.  I got 7/8ths of the way towards achieving my *big* goal, and I take fair pride in that: the goal was genuinely hard, and I only realized late in the game that finishing it would have required playing some fairly specific politics an hour or two earlier.  Suffice it to say, the rest of it involved strategic wargaming, and that's an area that I'm moderately good at.  As it was, I got close enough to support my personal headcanon of making progress towards the goal a bit further down the line.


After Inversion wrapped at 11pm, it was off to party.  Sadly, I'm not well-connected to the Intercon party scene, so I kind of had to crash Nuance's traditional Intercon birthday party.  (Which underscored how nice this hotel is.  Her party was originally right next to my room, so I was a bit concerned about sleep; however, as that grew a tad out of control, they moved it to one of the below-ground game spaces, far away from guest rooms, which was a pretty great choice all around.)  And then an hour at the traditional Intercon Dance Party, which is always one of the highlights of my year -- where else can you find people boogying in an eight-foot-tall inflatable T Rex outfit? -- and finally bedtime much too late.

As for today, I decided to skip Closing Ceremonies -- maybe the first time I've done that in 20 years -- in order to get home before the roads got too bad.  Hope everything finished off well; in general, it was a fine con, and bodes well for the future...
jducoeur: (Default)
You know that Fantasia was a major childhood influence when you listen to Dance of the Hours, and realize that you just plain *can't* hear it without envisioning the cartoon -- the connection is hardwired.  I am still in awe at how perfectly the imagery worked with the music...

Dayum

Feb. 5th, 2017 11:23 pm
jducoeur: (Default)
I was in the stands for one of the great comebacks by the Red Sox.  (Down by 5 in the ninth, led off by Big Papi, which led to my Sox motto, "It's not over until the fat guy swings".  It *felt* like the moment when the Sox finally started to turn things around.)

I remember the Snow Bowl, with the magic final-second kick, while we were all snowed in at Arisia.

I accidentally turned on Wimbledon for the Nadal/Federer finals in 2008, where you could just *feel* that this was one of the most perfect tennis games ever.

That may have topped all of them.  Holy crap...
jducoeur: (Default)
In an upset against perennial favorites Cars and Beer, the runaway lead was claimed by Household Goods, with a surprise touchdown from Tide followed by a fine defensive pay by Febreze.

Specifically, it's amusing how few ads manage to be well-written, appropriate to the setting, *and* actually have something to do with the product; most of the funny ads fail on the third point.

On the plus side, I am encouraged that the companies did not back down from their usual pro-international viewpoint.  Particular points to 84 Lumber, of all people, for coming closest to saying, "Fuck your wall" with a sentimental but well-done pro-immigrant ad; I'm actually tempted to go to their website and check out the rest.

(The football game? Oh, we're losing that. Nice halftime show, though.)
jducoeur: (Default)
Lots of people are terribly worried about "Resistance Fatigue", and there's some basis for that -- spending all day, every day for years worrying about the fight is a good way to mess with your head and just fall into eventual despair.  You have to learn your own capacity, and pace yourself accordingly, because this one's going to be a marathon.

But it occurs to me: we do know one person who famously has no patience and precious little discipline, sitting at the top of his gold-plated tower.

Can we help induce Presidency Fatigue in Trump?

Seriously: it's pretty clear that he didn't really understand what he was getting into, and I suspect it's all more of a pain in the ass than he expected.  He's used to being CEO of a company that he *owns*, not working with other people and making sensible compromises.  As far as I can tell, he's a bit overwhelmed and cranky already.  Tiredness and anger cause people to make stupid mistakes.

I'm being a bit flippant here, but only a bit.  I suspect that he isn't mentally prepared for ongoing resistance to everything he does, every day, for years.

So the details of each individual fight aside, the ongoing *act* of resistance may well be helpful.  We need to keep it non-violent, and not play into their damned "all those protesters are destroying the country" narrative.  But keeping up the pressure may well gradually break a man who is, I suspect, really fairly weak to begin with...

Profile

jducoeur: (Default)
jducoeur

March 2017

S M T W T F S
   1 234
5 67891011
121314 15161718
19202122232425
262728293031 

Syndicate

RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags