Tuesday, March 14, 2017


I've been reading through these replies about "MediTech" trying to determine if it's some sort of elaborate inside joke I'm not picking up on.
There is a company called MediTech in Massachusetts that uses a derivative language of MUMPS called Magic. I know several programmers that have worked there. There are thousands of engineers writing in this language as we speak.
From what I can remember:

-Only global variables

-Variables must only be capital letters, maximum length 6. If you run out of variables, you must cleverly use them in a routine and set them back to what they are. This means you can't use a name like myVar - you use AAAFD, ZBVCXZ, etc.

-System functions are usually things like ., >, ', ], so code looks like .'AAAF]{\;:..

-Meditech writes all of their own languages, databases, operating systems, tools, etc. You can only write in a non-Meditech language if you get approval from a multi-tiered architectural design board, which barely ever happens

-The founder hated C with undying passion. No one is ever allowed to use C

-All programming hires go through a 6 to 12 month training process to learn the tools, languages, and systems. As they almost exclusively hire non-CS majors, such as math and physics majors, they don't typically have a programming background and don't realize how bizarre the MediTech stack is

Monday, March 6, 2017

A Good Overview of How Trump Operates

I try not to post a lot of political or topical stuff here, but this is a very good overview of Trump and how he operates.  It goes into a lot more background and detail than just the current Russia story.
Whenever he is under fire for something in a sustained way, he makes a shocking claim or provocative declaration about something else to change the subject. He is a master practitioner at the politics of distraction. These five examples might jog your memory:
  • After struggling during the first GOP primary debate to explain his disparaging comments about women, he attacked Megyn Kelly. “There was … blood coming out of her wherever,” he said, ensuring that the media focused on the new Trump-Kelly “feud.”
  • In November, the morning after agreeing to settle a fraud lawsuit against Trump University for $25 million, he demanded that the cast of “Hamilton” apologize to Mike Pence.
  • Perturbed when critics pointed out that he lost the popular vote, he claimed that 3 million to 5 million people voted illegally.

Saturday, February 11, 2017

Top mentioned books on stackoverflow.com


We analysed more than 40 000 000 questions and answers on stackoverflow.com to bring you the top of most mentioned books (5720 in total)

How we did it:
  • We got database dump of all user-contributed content on the Stack Exchange network (can be downloaded here)
  • Extracted questions and answers made on stackoverflow
  • Found all amazon.com links and counted it
  • Created tag-based search for your convenience
  • Brought it to you

Saturday, January 28, 2017

Overjustification effect

The overjustification effect occurs when an expected external incentive such as money or prizes decreases a person's intrinsic motivation to perform a task. The overall effect of offering a reward for a previously unrewarded activity is a shift to extrinsic motivation and the undermining of pre-existing intrinsic motivation. Once rewards are no longer offered, interest in the activity is lost; prior intrinsic motivation does not return, and extrinsic rewards must be continuously offered as motivation to sustain the activity.

Sunday, January 15, 2017

The Line of Death

The Metro/Immersive/Modern mode of Internet Explorer in Windows 8 suffered from the same problem; because it was designed with a philosophy of “content over chrome”, there were no reliable trustworthy pixels. I begged for a persistent trustbadge to adorn the bottom-right of the screen (showing a security origin and a lock) but was overruled. One enterprising security tester in Windows made a visually-perfect spoofing site of Paypal, where even the user gestures that displayed the ephemeral browser UI were intercepted and fake indicators were shown. It was terrifying stuff, mitigated only by the hope that no one would use the new mode.

Tuesday, December 20, 2016


I really like popcorn.  I often find myself watching TV just as an excuse to eat popcorn.  I've gone months where I had it every night.  A while ago I decided to buy an air popper.  I've built up quite a recipe around the air popper, and I'd like to outline it here.

Why an air popper?
Air poppers are like $20 and the popcorn is much cheaper than the microwave bags.  They are a bit faster than a microwave, and you can never burn it.  There is nothing to clean because you only put dry popcorn in them, the oil is added afterwards.

Air Popper
I did a fair bit of research into air poppers, as I tend to do before buying anything.  Long story short, they're all the same, and you should get a cheap one.  This one is about $20.  It has a built in measuring cup, you dump the dry kernels in the top, and plug it in.  Set a large bowl next to it, and wait a few minutes.  The last 10 or so kernels never pop, so give up on them.  Unplug and that's it.

A few people recommended Orville Redenbacher for air poppers.  I started out buying at the grocery store, but you can get a giant jug on Amazon for cheap

It sounds silly, but you do need a large bowl.  I always ate popcorn straight from the bag, so I didn't have one.  I just got a 7 L one from Walmart.  Make sure it's at least 6 liters.

You can just use regular salt, but finer salt will stick better.  Generally you'll waste tons of salt no matter what.  After much research I found this movie theater style salt which is great, and will last like 30 or so bowls.

Salt Shaker
You can just use any regular shaker.  But I'm generally looking for one that has a few, well-separated, smaller holes.  The popcorn salt is much finer, so it comes out very fast of normal sized holes.  This is the best I've found so far, it works, but the holes could be a bit smaller.

You need oil, basically to make the salt stick.  I've just been buying this generic popcorn oil.  Don't expect much flavor from the oil, it's basically just soybean oil.  I've heard coconut oil is the best flavor, but it's difficult to spray on.

It's basically impossible to drizzle oil evenly.  I bought this spray bottle, which is crazy expensive, but is designed for oil.  There are cheaper oil sprayers but the reviews say they clogged, whereas I've been using this one for months and it's fine.  A word of warning, they spray in a flat fan pattern, which means you have to move the sprayer as you spray.

Saturday, October 1, 2016

Body Cameras Are Betraying Their Promise

In case after case, police departments say officers did not have their body cameras activated when it counted. It can seem as though incidents where body-cam footage helped secure an indictment—such as in Marksville, Louisiana, last November, or as in Cincinnati last July—are more rare than the cases where they don’t.

These are breaches of protocol—incidents where events didn’t happen as the law would require. Often, these violations are never significantly punished. This is the second major threat to body-camera accountability: If there’s not significant discipline for officers who fail to follow local policies—as the officers failed in D.C., Chicago, and Charlotte—then it doesn’t matter what’s in the policy.

Will Raccoons Trump Rats as the Ultimate Urban Mammal?

And I heard from a friend who works in the State Department about a raccoon that snuck into her building while it was under construction, and then walked across ceiling tiles until it got to her office and hung out above her desk, visible through the mesh-type ceiling panels, perhaps attracted by the scent of her sandwich.

Saturday, September 3, 2016

Replacing a modded Xbox with a Raspberry Pi, as a classic game emulation station

As you're likely aware, I'm a big fan of using orginal Xboxes modded to allow playing various NES and SNES (and sometimes N64) games.  Xboxes are cheap, and the software that runs on them has a pretty good UX.  That being said, they are getting pretty long in the tooth, and while the finished product is pretty slick, the process of modding them is annoying enough that I pretty much refuse to actually do it.  They are also rather huge and unwieldy in the age of tiny single board computers that are more powerful and draw far less power.

I have a few Pi 3s so I'd figured I give RetroPie a shot.  This will be less of a how to, and more of a review/comparison to modded Xboxes.

What you need

This is probably the biggest draw back of the Pi vs Xbox.  An Xbox can be had for $40 pretty reliably, or probably free from somewhere.  They generally come with everything you need to play, including at least one controller.

The Pi costs $40 by itself.  You then need a power adapter, a HDMI cable, a case, and an SD card.  Then you'll need controllers, 2 SNES knock offs will cost $30, or you can use XBOX360 ones if you want wireless and joysticks, but that'll bump the cost up $70 more.

Name Cost Link
Pi 3 $36 https://smile.amazon.com/dp/B01CD5VC92/
Power $10 https://smile.amazon.com/dp/B00MARDJZ4/
Case $8 https://smile.amazon.com/dp/B01F1PSFY6/
SD Card $10 https://smile.amazon.com/dp/B010Q57T02/
2 Controllers $25 https://smile.amazon.com/dp/B002B9XB0E/
HDMI $6 https://smile.amazon.com/dp/B014I8SSD0/

Total $95

You might have some of this stuff, but I don't think it's fair to assume you do for the price calculations.  So the cost is at least double an Xbox, probably more if you want joysticks.


I won't give a full install guide here, you can follow the official guide easily enough.  However, I will say the install is far easier than an Xbox.  Download the image, write it to the SD card, pop the card in the Pi, attach controllers, and power it on.  It autodetects the controllers, and lets you configure them.  FTP in (u: pi, p: raspberry) and put roms in the ~/RetroPie/roms/* folders.  Restart and the systems where it finds roms will show up in the list.


There isn't much to config, you can pretty much just play out of the box, however, there were some things I wanted to change.  For example, I found the layout of NES buttons to be annoying.  A bit of research told me that while the initial global controller set up is easy, there is no way to edit per system controls without editing the cfg files.  For NES the file is at /opt/retropie/configs/nes/retroarch.cfg

You can SSH into the Pi with ssh pi@ (change the IP to yours), then cd to there, and use nano to edit that file.  Alternatively, you can FTP the file back and forth. The config is very confusing due to the fact that you have the labels on the controller and in the file which may not match.  The numbers refer to the position of the physical button on your controller.  The letters refer to what that button should do.  For the Buffalo SNES knock offs this was my config for NES:

input_player1_b_btn = 3
input_player1_a_btn = 1
input_player1_y_btn = 2
input_player1_x_btn = 0


I think it works pretty well.  There are some rough edges, but I guess those are mainly a concern for someone like me that wants to configure everything.  All the games I tested work well.  The one exception was N64, where they stuttered quite a bit.  The Xbox was never great at N64 either, but it feels like it did better than the Pi.  Perhaps that's just the few random games I tested, or maybe because the Pi doesn't actually have a video card.

Also there is no easy way to turn the Pi on and off, you just unplug it.  For what it's worth, I measured the Pi as using about 2 watts (compared to the Xbox at about 50 w), so leaving it turned on 24/7 isn't a bad idea.

I was kind of disappointed at how poor N64 performance was.  If that were better I'd spend the money for a set of wireless controllers and be quite happy.  Each release of the Pi see a pretty significant speed bump, but at the same time I don't know if that is going to actually help, I think it's more the software and lack of video card.

Wednesday, August 31, 2016

Saturday, June 18, 2016

Flash the BIOS


Some years ago-never mind how long precisely-having little money in my purse, and nothing particular to interest me on shore, I thought I would set about to fix a friend's computer.  I can't recall what was actually wrong with it, but at some point, I figured I might try to flash the BIOS for no real reason.  The long story short is I used the wrong BIOS file and ruined the computer.

Since then "Flashing the BIOS" has become an inside joke.  That being said, I've learned a lot of lessons over the years, and would not make the same mistakes today.  As an example, let me regale you with this tale:

A New Router

I recently moved, and my best internet option here was xfinitywifi which is broadcast in the area.  However, I needed to be able to connect any device to that without going through their web portal, and be able to hook up wired devices.  Simple enough, I bought a router, and installed DD-WRT on it.  There was the potential for bricking the router, but I did my research and found a version of DD-WRT with numerous confirmed successful installs on the internet.

The install went fine, and as an added bonus, the antennas on my router picked up the xfinitywifi signal much better than my laptop.


All was well in the world.  But then my internet started going down.  It turns out my router would lock up and crash, and need to be restarted.  This seemed to be happening with increasing frequency.  The solution seemed obvious.  I bought a 120 V relay and wired it to a Raspberry Pi.  I then wrote some code to ping some sites to see if the internet was still up, and if not, to restart the router.  This was an iterative process, as I discovered the router would sometimes allow pings to IPs (like google's DNS, even in its frozen state.  I also noted that pings to the router would occasionally still work, even when the router refused to serve the status page.  So I changed the script to check the status page via wget.

This worked pretty well.  I set it up to run every 30 seconds, and to restart the router as soon as it couldn't get the status page.


Searching online though, it seemed like no one else was having this problem.  I figured this may just be because I was using the less common repeater mode, but it may have also been because I was using an older release of DD-WRT, since I wanted to find one with plenty of confirmation it wouldn't brick the router.  I found one or two people who said they were running the latest version on that router so I decided to upgrade the firmware to the newest version.

I carefully found the correct file, and plugged directly into the network so there was no chance of being disconnected during the update.  When I figured I was ready, I hit upgrade.  As soon as I clicked the button I realized my mistake.  My router was still hooked up to my crazy Raspberry Pi contraption.  Within the next 30 seconds the Pi would try to get the router status page, fail, and then cut the power to the router.

There was nothing I could do.  Pulling the plug on the Pi would cut the power to the relay and cause it to open.  My only chance was to SSH into the Pi and kill the process.  That, of course, relied on the network being up.  As soon I hit enter on the SSH command I heard the click of the relay turning off.

And with that, my router was bricked.

I tried a few recovery methods I found online, but it didn't matter.  My router had a half installed firmware, there was no way for it to boot, so it looped endlessly.


While connecting directly to xfinitywifi gave me some internet, it was unreliable and I wanted to get this resolved.  I convinced myself just to get a new router, one that would hopefully not have the freezing problem.  Walmart was the only place that was open so I found that they carried the Netgear Nighthawk router and set off to buy it.  I arrived at 12:01 am to discover that the Walmart I was at closed at midnight.  I drove to another Walmart to discover they didn't have any in stock (despite their site claiming they did).  I bought a lesser router, figuring it might be better than nothing.

A New Hope

When I got home I thought more about what to do with the broken router.  I, of course, considered switching out the guts, but I didn't have any of the packaging, and knew I couldn't just put the old router in a new box since the serials wouldn't match.

I did more research and discovered two more advanced recovery methods.   The first involved setting up a TFTP server, and connecting directly to the router, with a static IP that it would check for a certain file and then flash itself with.  I set this all up, and as luck would have it, it got the file from my computer and started to flash itself.  Then it rebooted, and rebooted.  I guess it didn't have enough firmware written to get through the firmware update steps before it rebooted.

A New Hope, Part 2

The more involved method, as these things so often do, required opening the router and soldering some pins onto the board.  While my new apartment is pretty barren, one thing it does not have a dearth of is random electrical components.  I had pin headers, male to female jumpers, even a USB to UART breakout board.  It was about 3 am at this point, which seemed like the ideal time to begin the next phase of this project.

I opened the router, found the through-holes, broke off three headers and placed them in the correct holes.  Hooked up Rx, Tx, and Ground to my UART, plugged that into my laptop, and attempted to connect via PuTTY, and got nothing.  It was pretty odd as I was sure the connections were right.  I have done USB serial communication stuff before though, and I know it's very easy to get the connection details wrong.  That being said, usually that would result in gibberish, not nothing.  After much experimentation I noted I could sometimes get gibberish if I moved the connections around.  This led me to believe perhaps the connections actually needed to be soldered, and not just placed there.

At this point, I feel it's worth noting that while I have a nice large table in my living room, I only get internet via my laptop in my bedroom.  I did buy a large corner desk for my room, but have yet to assemble yet, despite sitting around in my apartment every day with nothing to do.  As such, all this work was being done with me in bed with the parts in bed with me.


It was about 4am when I turned on the soldering iron (which I did do in the living room, not in bed).  I soldered the headers on, and as is tradition, discovered I soldered it wrong, so had to unsolder everything and redo it.  I hooked everything up, and still got nothing.  I suspected my router had so little firmware on it, that it couldn't even communicate over serial.  I checked and rechecked the connections, but there were only 3 wires.  Ground to ground, Rx to Rx, and Tx to Tx.  Then I realized, how could Rx connect to Rx?  Both sides can't be receiving.  Sure enough, the directions I was following clearly stated Rx to Tx.  At 4:45 am I fliped the Tx and Rx wires and immediately got communication.  As I said, I've done this USB serial communication before, and I made this same exact mistake before.

Flashing the firmware was a few simple commands, it grabbed the file from my TFTP server, via ethernet, and rebooted.  It worked fine.  I figured I might as well reflash it with the DD-WRT firmware while it was in this disassembled state.  That was done in a few minutes, and the router was reassembled (with pin header conveniently left soldered on for future endeavors) by about 5:15 am.  Just in time to watch the sun rise while browsing reddit.

Monday, May 23, 2016

Monday, May 16, 2016

Dean Karnazes: the man who can run for ever

When running, you break down glucose for energy, producing lactate as a byproduct and an additional source of fuel that can also be converted back into energy. However, when you exceed your lactate threshold, your body is no longer able to convert the lactate as rapidly as it is being produced, leading to a buildup of acidity in the muscles. It is your body's way of telling you when to stop – but Karnazes never receives such signals.

"To be honest, what eventually happens is that I get sleepy. I've run through three nights without sleep and the third night of sleepless running was a bit psychotic. I actually experienced bouts of 'sleep running', where I was falling asleep while in motion, and I just willed myself to keep going."

Monday, April 4, 2016

Will minimum wage hikes lead to a huge boost in automation? Only if we're lucky.

What about the workers thrown out of jobs by the new robo-waiters? Many would get new jobs, though the way this would work is often ignored.
  • Most restaurants would keep longer hours (they're paying for the rent and the robots anyway), meaning many workers would get a raise and change shifts.
  • The advanced robo-restaurant technology would itself be a valuable American export good, and people would be employed in designing and selling it.
  • Some low-wage work would be reallocated out of the relatively low-social-value restaurant sector and into things like child care and home health assistance, for which there is ample demand.
  • Since poor people are now making more money, there will be opportunities to sell them things — things like restaurant meals! — that they couldn't previously afford, which in turn creates demand for new jobs.

Thursday, March 31, 2016

I'm Speechless

Tuesday, March 15, 2016

Primitive Technology

This guy's videos are quite mesmerizing, and his descriptions are quite interesting to read.

Making Charcoal

Building a tiled roof hut


Sunday, March 6, 2016

When U.S. air force discovered the flaw of averages

He decided to find out. Using the size data he had gathered from 4,063 pilots, Daniels calculated the average of the 10 physical dimensions believed to be most relevant for design, including height, chest circumference and sleeve length. These formed the dimensions of the “average pilot,” which Daniels generously defined as someone whose measurements were within the middle 30 per cent of the range of values for each dimension. So, for example, even though the precise average height from the data was five foot nine, he defined the height of the “average pilot” as ranging from five-seven to five-11. Next, Daniels compared each individual pilot, one by one, to the average pilot. 
Before he crunched his numbers, the consensus among his fellow air force researchers was that the vast majority of pilots would be within the average range on most dimensions. After all, these pilots had already been pre-selected because they appeared to be average sized. (If you were, say, six foot seven, you would never have been recruited in the first place.) The scientists also expected that a sizable number of pilots would be within the average range on all 10 dimensions. But even Daniels was stunned when he tabulated the actual number.


Thursday, February 25, 2016

Sunday, February 21, 2016

The Secret Wizard of the Far Right

While you've likely never heard of him, chances are good you know his clients. Name a conservative firebrand and Elsass has likely been on his or her payroll. Ted Cruz, Rand Paul, Michele Bachmann, Newt Gingrich—he's worked with all of them, as well as a slew of Republican agitators who aren't yet household names but are doing everything in their power to change that. Elsass now counts more than 60 members of Congress on his client roster, many of whom belong to the rebellious Freedom Caucus that last fall hounded the Speaker of the House, John Boehner, into early retirement. This year, while most eyes are fixed on the presidential race, he's quietly obsessing over the Republicans' control of Congress, guiding the fortunes of 15 first-time candidates whom he hopes will join his small army already wreaking havoc in Washington.

Not surprisingly, Elsass's electoral success has made for a lucrative business, as the fleet of late-model Mercedes sitting outside his firm's headquarters attests. During the 2014 elections, the Strategy Group grossed more than $150 million—a figure that would be stunning even if the firm was located in the Beltway and not out among the mega-churches and big-box stores of exurban Columbus.

Tuesday, February 16, 2016

Kids, forget console gaming—play the FBI’s browser-based game instead

It basically looks like a prequel to the world's first-ever video game. The player uses the left- and right-arrow computer keys to move a running goat to avoid blocks. The blocks apparently represent violent extremists. Hit the block, and the goat explodes.

Saturday, February 6, 2016

Saturday, January 30, 2016

Why did crime plummet in the US?


I thought this was a very good compilation of the various proposed reasons for the huge drop in crime in the 90s, and some debate for and against each.

Friday, January 29, 2016

Listen to Wikipedia

Listen to the sound of Wikipedia's recent changes feed. Bells indicate additions and string plucks indicate subtractions. Pitch changes according to the size of the edit; the larger the edit, the deeper the note. Green circles show edits from unregistered contributors, and purple circles mark edits performed by automated bots. You may see announcements for new users as they join the site, punctuated by a string swell.

Sunday, January 10, 2016

Powerball Odds

So there is a lot of Powerball talk, and I am again intrigued by the possibility of a positive expected value for a lottery.  If you remember I wrote a post about Megamillions a few years ago, when the jackpot grew to $640 million.  The result, after taking into account both taxes and multiple winners, was that it still wasn't worth playing.  I decided to quickly do the same thing for this latest Powerball jackpot.

In a separate post, I made a model to predict the ticket sales based on jackpot amount.  This was quite a bit of work, so I'm not doing that here.  I'm just going to use the data for the latest drawing (Jan 9th, 2016) to see if that one drawing had a positive expected value in retrospect.

To begin, the expected value of the non jackpot prizes is $0.32, or about $0.28 if you include tax on the $50,000 and $1,000,000 prizes.  Note here, I'm ignoring the "Power Play" thing, which increases the payout for the nonjackpot prizes, but costs an extra $1.

Now we need to look at the jackpot.  The estimated upfront payout was $587,662,740.  After taxes that's $340,844,389.  The odds for Powerball recently got way harder, which is why this jackpot is so large.  This drawing had 440,321,172 tickets sold.  Doing the Poisson distribution we see the probability of various numbers of winners based on the odds and tickets sold:

0 22.1594%
1 33.3922%
2 25.1595%
3 12.6377%
4 4.7610%
5 1.4349%
6 0.3604%
7 0.0776%
8 0.0146%
9 0.0024%
10 0.0004%
11 0.0001%
12 0.0000%
13 0.0000%
14 0.0000%
15 0.0000%

The odds for no winners (which is what happened) was 22%.  This is due to the much lower odds of a jackpot in general.

Adding up the adjusted jackpot shares gives a total of $176,335,787.  This could be thought of as the true jackpot value after adjusting for taxes and the possibility of splitting the jackpot.  Multiplying by the odds of winning gives an expected value for the jackpot of $0.6035.  Adding the nonjackpot expected value gives a total Powerball expected value of $0.88.  The ticket costs $2, so it's not even half the value.

Some thoughts:  The odds were just increased in Oct 2015, and this is the first huge jackpot after that change.  More will follow, so it is possible that the expected value will improve as people get over the hype of a billion dollar jackpot.  However, it is worth noting that even if the jackpot doubled, and ticket sales remained constant the expected value would still be below the ticket price.

I haven't gone into details for the math here.  The calculations and commentaries are the same as the Megamillions post.  So please see that for more discussion.

Thursday, December 24, 2015

DAC and ADC explanation


This is a good video that explains how audio signals are sampled and represented digitally, and what effect that has on the final analog output.

Thursday, December 17, 2015

Armoured Octopus

Monday, December 14, 2015

Sunday, December 13, 2015

PBS Frontline: The Warning


PBS Frontline about the 2008 market crash.

Sunday, November 29, 2015

Life - Highly Intelligent Monkey


This documentary is on Netflix, and is quite good.

Saturday, October 17, 2015

Big Mac Index


The big mac index is a quick attempt at explaining purchasing power parity.  The idea being that simply knowing the exchange rate is not enough to know how valuable your money from one country will actually be when you try to purchase actual goods there.

Here is the fun part though:
Critics of the presidency of Cristina Fernández de Kirchner in Argentina and many economists believe that the government has for years falsified consumer price data to understate the country's true inflation rate. The Economist stated in January 2011 that Big Mac index "does support claims that Argentina’s government is cooking the books. The gap between its average annual rate of burger inflation (19%) and its official rate (10%) is far bigger than in any other country." That year the press began reporting on unusual behavior by the more than 200 Argentinean McDonald's restaurants. They no longer prominently advertised Big Macs for sale and the sandwich, both individually and as part of value meals, was being sold for an unusually low price compared to other items. Guillermo Moreno, Secretary of Commerce in the Kirchner government, reportedly forced McDonald's to sell the Big Mac at an artificially low price to manipulate the country's performance on the Big Mac index. In June 2012, the price of the Big Mac value meal suddenly rose by 26%, closer to that of other meals, after The Economist, The New York Times, and other media reported on the unusual pricing. A Buenos Aires newspaper stated "Moreno loses the battle".

Friday, October 16, 2015

How is NSA breaking so much crypto?

For the most common strength of Diffie-Hellman (1024 bits), it would cost a few hundred million dollars to build a machine, based on special purpose hardware, that would be able to crack one Diffie-Hellman prime every year.

Would this be worth it for an intelligence agency? Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous. Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections.

Friday, September 25, 2015

Volkswagen's Clean Diesel

Since 2009, we now know, Volkswagen had been inserting intricate code in its vehicle software that tracked steering and pedal movements. When those movements suggested that the car was being tested for nitrogen-oxide emissions in a lab, the car automatically turned its pollution controls on. The rest of the time, the pollution controls switched off.

This is old hat by now, but I thought this article did a good job of giving a bit more detail about the specifics of what actually happened.

Saturday, August 29, 2015

HTTP Status Cats API


Three years ago, I called out the proposed new TLDs as stupid. Today, I formally withdraw my oppositionIt turns out .cat is not one of the new TLDs so my opposition has been reinstated.

Monday, August 24, 2015


At the Institute for Marine Mammal Studies in Mississippi, Kelly the dolphin has built up quite a reputation. All the dolphins at the institute are trained to hold onto any litter that falls into their pools until they see a trainer, when they can trade the litter for fish. In this way, the dolphins help to keep their pools clean.

Kelly has taken this task one step further. When people drop paper into the water she hides it under a rock at the bottom of the pool. The next time a trainer passes, she goes down to the rock and tears off a piece of paper to give to the trainer. After a fish reward, she goes back down, tears off another piece of paper, gets another fish, and so on. This behaviour is interesting because it shows that Kelly has a sense of the future and delays gratification. She has realised that a big piece of paper gets the same reward as a small piece and so delivers only small pieces to keep the extra food coming. She has, in effect, trained the humans.

Her cunning has not stopped there. One day, when a gull flew into her pool, she grabbed it, waited for the trainers and then gave it to them. It was a large bird and so the trainers gave her lots of fish. This seemed to give Kelly a new idea. The next time she was fed, instead of eating the last fish, she took it to the bottom of the pool and hid it under the rock where she had been hiding the paper. When no trainers were present, she brought the fish to the surface and used it to lure the gulls, which she would catch to get even more fish. After mastering this lucrative strategy, she taught her calf, who taught other calves, and so gull-baiting has become a hot game among the dolphins.

Thursday, July 30, 2015

Crashes only on Wednesdays

Caught on yet?  On Wednesdays, and only on Wednesdays, if somebody manually twiddled certain bits in the monitor settings in a certain way, two events would occur during the same millisecond and caused the DB to throw an exception, and the error message that logged this would be exactly 81 bytes long including the null terminator, overflowing the 80-char buffer and causing the program to crash!

Friday, July 17, 2015

The View from the Front Seat of the Google Self-Driving Car


But we’re now driving enough — and getting hit enough — that we can start to make some assumptions about that real crashes-per-miles-driven rate; it’s looking higher than we thought. (Our cars, with safety drivers aboard, are now self-driving about 10,000 miles per week, which is about what a typical American adult drives in a year.) It’s particularly telling that we’re getting hit more often now that the majority of our driving is on surface streets rather than freeways; this is exactly where you’d expect a lot of minor, usually-unreported collisions to happen. Other drivers have hit us 14 times since the start of our project in 2009 (including 11 rear-enders), and not once has the self-driving car been the cause of the collision. Instead, the clear theme is human error and inattention. We’ll take all this as a signal that we’re starting to compare favorably with human drivers.

Wednesday, July 8, 2015

Concise electronics for geeks


This is a really good overview of analog electronics.

Wednesday, July 1, 2015

One dot per person for the entire US


This is a really good population map of the US, even ignoring that it has racial data too.

Tuesday, June 30, 2015

Randomness in Doom

Doom's source code is all online.  Someone posted a link to the RNG used, which is actually just returning a value from the same list of 256 numbers over and over in the same order:

unsigned char rndtable[256] = {
    0,   8, 109, 220, 222, 241, 149, 107,  75, 248, 254, 140,  16,  66 ,
    74,  21, 211,  47,  80, 242, 154,  27, 205, 128, 161,  89,  77,  36 ,
    95, 110,  85,  48, 212, 140, 211, 249,  22,  79, 200,  50,  28, 188 ,
    52, 140, 202, 120,  68, 145,  62,  70, 184, 190,  91, 197, 152, 224 ,
    149, 104,  25, 178, 252, 182, 202, 182, 141, 197,   4,  81, 181, 242 ,
    145,  42,  39, 227, 156, 198, 225, 193, 219,  93, 122, 175, 249,   0 ,
    175, 143,  70, 239,  46, 246, 163,  53, 163, 109, 168, 135,   2, 235 ,
    25,  92,  20, 145, 138,  77,  69, 166,  78, 176, 173, 212, 166, 113 ,
    94, 161,  41,  50, 239,  49, 111, 164,  70,  60,   2,  37, 171,  75 ,
    136, 156,  11,  56,  42, 146, 138, 229,  73, 146,  77,  61,  98, 196 ,
    135, 106,  63, 197, 195,  86,  96, 203, 113, 101, 170, 247, 181, 113 ,
    80, 250, 108,   7, 255, 237, 129, 226,  79, 107, 112, 166, 103, 241 ,
    24, 223, 239, 120, 198,  58,  60,  82, 128,   3, 184,  66, 143, 224 ,
    145, 224,  81, 206, 163,  45,  63,  90, 168, 114,  59,  33, 159,  95 ,
    28, 139, 123,  98, 125, 196,  15,  70, 194, 253,  54,  14, 109, 226 ,
    71,  17, 161,  93, 186,  87, 244, 138,  20,  52, 123, 251,  26,  36 ,
    17,  46,  52, 231, 232,  76,  31, 221,  84,  37, 216, 165, 212, 106 ,
    197, 242,  98,  43,  39, 175, 254, 145, 190,  84, 118, 222, 187, 136 ,
    120, 163, 236, 249

int rndindex = 0;
int prndindex = 0;

// Which one is deterministic?
int P_Random (void)
    prndindex = (prndindex+1)&0xff;
    return rndtable[prndindex];

int M_Random (void)
    rndindex = (rndindex+1)&0xff;
    return rndtable[rndindex];

void M_ClearRandom (void)
    rndindex = prndindex = 0;

There is an explanation of it here.  I find these kinds of hacks, used in 80s and 90s era games to save space and increase speed, interesting.

Here is a story of a guy that replaced all the values with the same number:
What does it play like? I tried two values, 0x00 and 0xFF. With either value, the screen "melt" effect that is used at the end of levels is replaced with a level vertical wipe: the randomness was used to offset each column. Monsters do not make different death noises at different times; only one is played for each category of monster. The bullet-based (hitscan) weapons have no spread at all: the shotgun becomes like a sniper rifle, and the chain-gun is likewise always true. You'd think this would make the super-shotgun a pretty lethal weapon, but it seems to have been nerfed: the spread pattern is integral to its function.

With 0x00, monsters never make their idle noises (breathing etc.) On the other hand, with 0xFF, they always do: so often, that each sample collides with the previous one, and you just get a sort-of monster drone. This is quite overwhelming with even a small pack of monsters.