Shortlog - a log of everyday things

View the past: 2013 2012 2011 2010

Atom Feed

2013-03-08 | 0 comments

Last night, I was walking along the sidewalk and stopped at a light waiting for the walk signal. A party of three (one guy, two ladies) was talking, and I overheard the guy mention randomly breaking out singing the Pokémon theme song.

He then proceeded to do exactly that. Of course, I joined in. Everybody laughed and sang along.

I WANNA BE THE VERY BEST

2013-01-28 | 1 comment

I didn't get around to writing this until recently - I had a busy week at work, which was not made any easier by the sleep-dep stockpiled from the previous weekend. C'est la vie.

The MIT Mystery Hunt was great! It was rather exhausting, though - clocking in at over 72 hours, it was the longest Mystery Hunt ever. As usual, I hunted with Death From Above.

A lot of puzzles were beautiful. There were also some puzzles that appeared to have not been playtested at all. I won't complain too much; this was the first hunt Manic Sages (the organizers) wrote, and I've been in the "Oh gods no one is possibly going to finish our hunt" boat before. To their credit, they took note of the challenges that teams were facing at runtime and tried to adapt things to help the teams continue to progress. In the end, they wound up giving away copious puzzle answers and cutting the last meta and possibly a decent chunk of the endgame, but by that point I think we were all too tired and braindead to really care.

A couple of my favorite puzzles that I worked on:

  1. Halting Problem, a puzzle in which you had seven programs written in less-common programming languages performing naive computations of ridiculously large problems. I called in Matt to help me with the Erlang one, and we figured out that it was in fact doing a naive factoring of the RSA-768 challenge. Quentin and I spent far too long staring at the C++ templates before we figured out exactly what sort of connect-four game it was playing, and the Perl program computed the number of primes less than 100 million with regex.
  2. Git Hub, a puzzle which mapped the Boston MBTA with a git tree.
  3. Treasure Island (meta) - minesweeper satisfiability puzzle, with a very cute extraction.

A couple I looked at and liked but didn't really contribute much to the solution:

  1. I CAN'T SPELL YOU, a puzzle using a bunch of Unicode character names
  2. Infinite Cryptogram
  3. Grandson of the Realm of Unspeakable Chaos, a puzzle which used an evolution of a constructed language (Chaotic) from the 2008 hunt which was itself an evolution of a constructed language from the 2001 hunt. Robin Deits worked at this one for practically 24 hours; by the end of it he was just about fluent in both Chaotic and its evolution (which we termed NewLang).
  4. In the Details - a recursive word search, in which each each letter expands into a 2x2 square of letters, and the last word is 86 levels deep.

This was the best year ever for Death From Above. Historically, we've gotten 11th place (three years in a row!), but this year, we were solidly in the top three, and even in the lead at certain points. We were quite proud of our showing, and I look forward to seeing what we can pull off next year. Yes, I rather enjoyed Hunt. :)

It was also delightful to see all my friends at MIT again. It's a little bittersweet - the folks I met in the spring of 2010 are all either graduated or seniors now, and soon they'll move on and I probably won't see them again (unless they return for Hunt). But I guess that's just how things are. It feels a little like graduation all over again. Visiting the dorms makes me feel both old and young at the same time - it's always a joy to observe and be a part of the unique dynamic, but a little sad to think that I can't have that life any more. East Campus is full of entertaining characters.

I'm not used to feeling old. It's a weird feeling.

2013-01-17 | 6 comments

It's about time I started blogging again, don't you think?

Today I fly out for the MIT Mystery Hunt, the annual rendition of the original puzzle hunt. I'm quite excited, since I get a huge rush from solving puzzles. I'll be hunting with Death From Above, as per usual.

This is somewhat complicated by the fact that somehow, I wound up being on pager duty for AeroFS this weekend. Hopefully nothing falls apart; I spent most of yesterday tracking down why one of our services kept being unresponsive. (For the curious: enabling epoll and SMP in the Erlang VM makes for huge performance gains. Why the default values for the distribution are set to "disabled" baffles me.)

On the upside, I also have a dozen AeroFS t-shirts to give away. They're super comfy!

UPDATE: landed in Boston. My CharlieCard still had fare on it.

2012-05-20 | 0 comments

Some pictures from Google Games (previously discussed here), courtesy of Hanah Kim:

Our team at the table
My team! Our team all wore hats. Annelise has the red beret, I have my wizard hat, Nima is in his Russian cap with earflaps, Josiah has his standard baseball cap, and Ankur is in the background, but his fez can be seen on the table. You might have noticed we're all wearing our Berkeley Mystery Hunt 2012 t-shirts - the day before we ran that hunt. Organizing has it's privileges! :D

LEGO-building
One of the events involved building as tall and wide a bridge as we could out of whatever LEGOs were in the bag that was dropped on our table. Scoring was (2* minimum distance between ends of the bridge) + (maximum height of the structure). As a result, the optimal strategy was to have a low, narrow bridge with a very tall spire at one end. I came up with a clever way to mount the spire that allowed us to use the length of the pieces to generate height rather than their height, which was fairly unusual among the structures we saw and allowed construction of a much lighter tower. By the time we finished, the spire was so tall and thin it swayed from the air currents in the room. It was slightly unnerving, but survived the measuring process. We had the 3rd highest-scoring bridge, which was better than I had expected.

Deep in thought
This must have been during either the trivia round of the competition or the puzzles round. I'm guessing that you'd see a laptop out if it were the puzzles round, so I bet we're dividing-and-conquering trivia questions here.

2012-05-10 | 0 comments

I don't think I'm going to accomplish my goal of completing the Doe Traverse in a single run before I graduate. Pity. Clearly, this means I'll have to come back in the future to do it properly.

2012-05-07 | 0 comments

I coded the entirety of my study dataset today. It took way longer than I had expected and proved exhausting. I am more effective at thinking for a long time and typing a few short (right) things than sitting down for 8 hours and transcribing text. If I knew more computer vision, I'd have done OCR and image matching and only manually dealt with things that the system couldn't handle.

2012-05-06 | 1 comment

Argh. This is two days in a row that I've noticed I pulled out a grey hair at the end of my shower.

2012-05-04 | 0 comments

I met with Dave Wagner early today so we could go to Adrienne Porter Felt's dissertation talk. It was a great talk - she crystallized a number of the things I've been thinking about for the past few months into an easy-to-grok talk that hit on a ton of important points in a methodical manner. It turns out we'd both determined that run-time permission grants are better than install-time permission grants. She's worked out several more details, and produced some guidelines for platform designers to make their permission systems more usable and effective. The most important take-away was the following:

When building a platform, if you want to give third-party developers access to some privilege, use these interactions in the following priority order:

  1. No interaction. If an action can be safely and easily undone, just do it, and let the user undo it if they don't like what happened. It's nice to give the user some way to find out why something happened though, so if you can, leave some sort of audit trail. (Example: setting a background on your phone - set it, and show what application last set it and when with an undo button when you view the background settings.)
  2. Trusted UI. Users know what they're trying to do already. Give developers widgets that they can put in their app that will allow the user to trigger the desired action. Key bit: make it so that these widgets are the only way by which these permissions are available to apps. (Example: a button that sends an SMS when the user presses it. There can be implementation difficulties here, and this can also restrict what can be done with the platform. I'd like to think about the implications of trusted UI a little more before deciding it's a great solution.)
  3. Runtime permission grants. Users are much better at understanding their decisions in context - you might not know at install time why your bank app needs access to your location, but if it asks right after you hit the "Locate ATMs near me" button, well, that makes sense then. (Example: accessing contacts or your current location. It's possible some of these instances could be factored into trusted UI.) This should be used if the user can be expected to be available to approve the request, but the system is responsible for initiating the flow that requires the permission.
  4. Install-time permission grants. These should be reserved for things where the user can't be expected to be available to approve an action. (Example: app that wipes the phone remotely if it's stolen. It would be...optimistic...to think that the thief would select the option to allow the app to perform this action.)

Real-world notes: Android's permission system is basically entirely install-time permission grants, which is one of the reasons that permissions on Android are a ****show from a usability perspective. iOS uses runtime permission grants for location tracking and notifications, and has no interaction for most other permissions, but doesn't really allow for as powerful a separation of privilege, since there are basically no other permissions.

After the dissertation talk, I went upstairs to see the CS160 (undergrad HCI class) poster presentations, where students were showing off a bunch of projects relating to applications of the Kinect depth camera. There were a couple neat ones - the use of the Kinect to teach ballroom dance steps and posture was probably my favorite.

I ran into Kate Harrison at the poster presentations, and we wound up sitting in the CS lounge talking for several hours about all manner of things - the design of puzzlehunts, family relations, school, the computer games we played growing up, gender in the sciences, styling and upkeep of long hair, wireless spectrum, rationality, playing devil's advocate. We played Dominion against an app with a rather weak AI, and then switched to an anagramming game. Shang joined us and we all continued anagramming, then headed down the hill so Shang and Kate could catch the bus and I could head home. I am now apparently responsible for hosting a retro computer games night at some unspecified future time, which will feature such classics as The Lost Mind of Dr. Brain and Logical Journey of the Zoombinis.

It was nice to have a comparatively deep, one-on-one conversation. I haven't had many of those since coming to California. Large gatherings can be fun, but they tend to lose the introspective, thoughtful nature that becomes possible when there are only two voices needing to be heard. With a party of two, you have more time and less pressure to quickly synthesize your thoughts into words before the topic organically shifts elsewhere. There's less contention for the channel of communication.

2012-05-02 | 1 comment

We sent out the post-puzzlehunt survey. A couple interesting notes from the responses so far (N=25):

All in all, I think the writers, assistants, and solvers all had a fantastic experience. And that's something to be proud of.

2012-04-29 | 1 comment

I woke up at 7 this morning (after three and a half hours of sleep) to shower, get dressed, pick up Annelise and Josiah and lots of assorted things at 8, and set up and run the 2012 Berkeley Mystery Hunt for the rest of the day.

Participants started showing up around 09:30. Annelise checked off which teams arrived and gave them their t-shirts. Special thanks go out to Intel for sponsoring the event, which allowed us to hand out over 150 t-shirts. Steven Herbst was there with one of the teams! He and I debugged Verilog for the Happy Boards for MIT's 6.270 back in January 2010. I hadn't seen him since then, but he works out in the Bay Area.

The kickoff went swimmingly. Some teams had a little trouble logging in to the website; next year I'll want to be able to have teams test their logins in advance without gaining access to the whole hunt.

It was fun to watch the team solves go up on our leaderboard.

I wound up spending most of the day trying to keep the website from catching fire. It was a true test of on-demand bugfixing - the hunt was live, and every time I got emailed an exception, that meant that someone on one of the teams was hitting a bona fide website bug. In the morning, I knew I had a bit over 2 hours after kickoff to implement the hint-earning event pages. There were a bunch of things that we changed in the last week (after our playtest) that didn't get properly QA'd before today. We made 24 commits that day, some of which were features being implemented just before they were needed, some of which were load shedding by adjusting refresh times, and some of which were somewhat serious bugfixes.

Pizza for everyone (~170 players, ~7 organizers) arrived on schedule in two batches at 1pm and 2pm respectively (again, thanks Intel for the sponsorship!). Teams were a bit behind in the hunt at this point, so we nudged them all along so they could get to the more interesting puzzles (and we could get all the people we had out and about back to HQ and fed).

As I noted before, I spent most of my time at HQ - it's very helpful to have someone who's intimately familiar with all the puzzles helping out with the answer queue, so you know when to give comments like "Check your work." and "Keep going." to teams that have either made a small recoverable mistake or are on the right track but need to keep working.

The site remained fairly healthy over the course of the hunt. A couple of teams wound up doing partial bruteforcing on one of the puzzles. When one team started submitting all possible bigrams, we called them on the phone and told them to knock it off. In their defense, we had sorta taught them to bruteforce with an earlier puzzle, and we never exactly mentioned that all the submissions were being graded by hand. In fact, another team submitted a guess of "DOESSOMEONEREADTHISORISITAUTOMATED"

I got to lead an interactive puzzle which was pretty fun. The looks on people's faces when they finally figured the puzzle out was fantastic. Even better were some of the guesses that I got to see after the event ended.

The coin was found by Perspicacity (the team formerly known as PhDestroy (aka my team from last year)) at 19:55. Three more teams completed the endgame before we shut HQ down at 21:45, which was great. Probably three more teams would have started the endgame if they'd had another hour. And we had seen continued submissions from basically all the teams throughout, which suggested that they all remained engaged over the course of the day.

Evaluating a hunt's success or failure is a nuanced task - it really comes down to whether people are having fun or not. Solvers seek a challenge, but not an impossible one. From what the people who hung around all the way until our 22:00 wrapup told us, everyone had a blast.

At some point, I intend to generate some pretty graphs of who solved what puzzles when, and some other pictures that illuminate the overall shape of the hunt. We're also going to send out a survey to get more detailed feedback on the hunt - which puzzles people liked, which ones they didn't, how hard/easy they found puzzles, and any other comments or suggestions they may have. I'll call it a win if no one complains about the website being broken in various ways. It's also still a win if that's the big thing they have to complain about - it means that we did a great job with the rest of the hunt.

We're planning to rerun the hunt for a wider audience some time in late June or July (which is why I've again been pretty vague with puzzle specifics). We're also thinking about ideas for how we can make the rerun work well for both local and remote hunters, as well as hunters of different experience levels.

I have lots of thoughts on how I could design better software for producing the hunt and running the hunt. Which, as I discovered over the course of the past couple months, have very different requirements!

I guess I can mark another item off my bucket list now. :)

2012-04-28 | 1 comment

Today the Google Games (a Google-run puzzlehunt of sorts for university students) were held in Mountain View. Obviously, I participated.

The Google buses arranged to take us to the Mountain View headquarters were lined up in front of Soda Hall. One of the buses was a double-decker bus, which I'm not sure I've seen in the US before. My team - Ankur, Josiah, Annelise, Nima, and myself - arrived wearing silly hats. Ankur wore a tall straw fez, Josiah wore his usual baseball cap, Annelise had a beret, Nima wore a Russian hat with earflaps, and I wore my wizard hat. We were all wearing our Berkeley Mystery Hunt 2012 shirts. I tried updating my old Dell laptop using the in-bus wifi, but decided that it was probably a bad idea to run down the battery that much en route.

The Berkeley buses arrived a few minutes before the Stanford buses, so we found our table. I had forgotten our team name, but knew that it was a really big number. After looking through my email, I was reminded that we had chosen 4 ⇈ 3 for its length, simplicity of explanation, and un-Googleability (I should note that basically every other search engine handles long queries like that just fine). Somewhat impressively, the staff worked out that it was precisely 2512 when they referred to our team name during the competition. They were also kind enough to not require us to write out the entirety of team name (13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084096) on all of our submissions.

The contest started off with a round of trivia questions - there were math, science, pop culture, history, and other miscellaneous questions. I have to be a little vague about the actual competition so I don't accidentally spoil the Games for the other sites, but I was proud of a couple of the computer-history-related answers I remembered. Our team thought we did decently but not amazingly well at the trivia round.

The second of the four rounds was a set of puzzlehunt-style puzzles. This was where we hit our stride - the round was scheduled to take 105 minutes. We were done in 40, which set a record for this year's puzzleset across all of the Google Games sites. Ankur managed to extract a long word with knowledge of exactly three known letters, and I managed to get a long theme-related word on a puzzle that was proving very difficult to solve forwards from just the last two letters. Our teamwork was fantastic as usual.

As a result, we had over an hour to burn, so our team high-fived and went outside to enjoy the beautiful day. We rode around on the Google bikes (I hadn't ridden a bike in years!) for a while until one of the security staff very politely informed us that he couldn't let us ride the bikes for liability reasons. Alas. It was fun while it lasted. We returned, and tables were being set up for lunch - Italian from Buca di Beppo. I chatted for a bit with Ilya Sherman, who was on the Texas ARML team with my back in the day and works for Google now.

We grabbed lunch and sat in this garden area with a big outdoor shade umbrella and enjoyed lunch. After we finished eating, we chatted with various other folks. Jaehyun Park (who also interned at imo last summer) came by and we caught up a bit. We went over a couple of the puzzles with Shang Jiang and Kate Harrison and their teammates. Jono Kummerfeld and the rest of the EECS grad student team joined a circle of conversation with us and Hanah Kim, the Google recruiter for Berkeley. We got to hear a little bit about how the Games were developed and playtested internally, which was really interesting, since the majority of my team has been working on our own puzzlehunt for months. The Games developers were very attentive to balance in all of the puzzles - they tried to make them all things that did not require a particularly obscure or domain-specific step. It turns out the Games are a branding event, not strictly a recruiting event, so they're evaluated with slightly different metrics. Hanah asked us how we felt about how we did in the Trivia round, and we again answered something along the lines of "probably top 25% or so."

After lunch, we all went back inside and the organizers announced the standings, where we discovered that we had grossly underestimated our trivia performance - we had, in fact, placed first in that round as well.

The next round involved building something out of Legos, and I'm pretty sure I can't say anything more specific than that without giving away the activity. We wound up getting third in this category, and I came up with what I felt was an innovative design for part of the task.

The final round was a combination of some programming problems and a final puzzlehunt-style puzzle. Nima and Josiah and I worked on the programming problems, and Ankur and Annelise did the puzzle. And when I say "Nima and Josiah and I worked on the programming problems," what I really mean is "Nima started on problem A, I started on problem B, and Josiah started on problem C, and Nima finished implementing all three before Josiah or I managed to get a sufficiently performant solution for either of our problems." We were one of 7 teams to finish all three problems at both difficulty levels.

Some teams came up with clever ways to improve their code's performance - Ben Dong, one of the undergrads I do research with, told us when his team ran their Python implementation on CPython and it was too slow, they tried it again with PyPy and it finished running in time. I thought of doing this, but I didn't have PyPy installed. Everything turned out okay though; Nima's C++ implementations were great, and in the meantime, our puzzlesolvers had finished the extra puzzle (which they described as very elegant).

At the end of the day, we wound up winning by three points out of a possible 247. Jaehyun's team got 2nd place (and would have beat us if they'd finished the 7-point extra puzzle). Berkeley had taken first at the Google Games for the first time in five years. (Stanford still won overall; their teams did better on the average). The next-best Berkeley team turned out to be Jono's team, which placed sixth fifth (thanks for the correction, Jono!). Our team was awarded Samsung Chromebooks as our prize. Since I had brought two laptops (one for me, one for Ankur in case his laptop started acting up again (a fairly regular occurance)), I get to say this line:

I went to Google Games with two laptops and left with three.

Photos were taken, and hopefully Hanah will send us a link to them in the near future. We got back on the bus, and our team worked on the Friday and Saturday New York Times crossword puzzle. At some point on the bus ride, I fell asleep.

We got back to campus, tried to finalize puzzlehunt-related plans and make sure we'd done everything that needed to be done in time for the hunt. I got home around 01:00 and coded until 03:30, when I finally finished getting the team import script right (and idempotent).

2012-04-23 | 0 comments

The .org registry lost my domain today. I am not pleased; this is a situation of "you had one job! ONE JOB!" Also, my study website is hosted...under my domain. Gah.

A few minutes on the phone with my registrar fixed the issue.

2012-04-22 | 0 comments

I spent 14 16 hours on campus today (apparently I can't subtract at 3am). The Campus League of Puzzlers did a near-complete audit of the puzzlehunt we're running next Sunday. I personally playtested the entirety of the runaround. We also added some snazzy features to the website.

We have 135 players representing 22 teams registered, which is more than we expected and very exciting. We've put in numerous man-days planning this hunt, and it's great to see it all coming together at the end.

I am exhausted, but happy.

2012-04-20 | 0 comments

Someone I met at Valkyrie's wedding sent me a link to an article titled The Extroverted Web, which I found intriguing. I can't help but think about the social processes involved in software design (which are apparently Linus' favorite part about Linux) and Clay Shirky's extensive work on internet group dynamics. I'm not sure exactly what I think about this, but I'm starting to think that part of the reason that some people find submitting to the kernel intimidating is because it needs to be that way to ensure the group remains functional at scale.

It's ~21 degrees outside, so clearly that makes it 32 degrees indoors and somewhat miserably hot in the afternoon/evenings. (Sidenote: looking forward to having a first-floor, east-side, air-conditioned room in a house in a month. Not having to have my monitor fight the sun for brightness/contrast will be fantastic too.)

The upshot of this is that I've spent a decent chunk of the past two days in a disgusting puddle of sweat, trying to avoid exertion that will further increase my body temperature. Maybe that's why I'm waking up so early in the morning lately.

On the upside, it's lovely outside of my apartment, so I went on a nice long walk with some friends.

In other news, today I received an Asus Xtion Pro depth camera. A few hundred lines removed and a few lines added, and it works with libfreenect. Right now it's just in quick hack form, but when I get around to the refactor which adds support for the Kinect for Windows, it'll be trivial to add support for the Xtion Pro as well. I may have to seek out an Xtion Pro LIVE at some point, which also has the RGB camera and microphones.

2012-04-15 | 0 comments

Today, Austin and Colin made crêpes for cooking club. There were savory crêpes and sweet crêpes, and I had two of each. Crêpes and nutella belong together.

I wound up taking a nap in the afternoon. Now I'm working on cyberlaw things.

2012-04-14 | 0 comments

I got up at early-o'-clock (approximately 06:40, or "two full hours before I normally wake up"), picked up Ankur, Annelise, and Josiah, and drove down to Stanford for this year's Microsoft College Puzzle Challenge. The CPC wasn't being held this year at Berkeley, but that won't keep a team of serious puzzlers like ours from getting their puzzle fix.

We wound up packing an extraordinary amount of supplies. There's the obvious things: pencils, scratch paper, computer, and power supply. There's the not-obvious-the-first-time-but-obvious-if-you've-done-it-before: scissors, tape, colored pencils, a ruler, whiteboard markers that work, and a portable whiteboard. There's the we-like-being-nourished-while-thinking-this-hard: bananas, oranges, Clif bars, crackers, trail mix. There's the we're-serious-about-having-everything-we-might-benefit-from-having-on-hand: a projector, a 14-port power strip, an extra pair of laptops. And finally, there's the we-do-this-in-style: t-shirts from past puzzle competitions and a wizard hat. Ankur also had a pillow and a sleeping bag (unrelated - he needed to return them to a friend), but he left those in the car.

We settled into a snazzy conference room, and then another team dropped in saying they had reserved it for the day, so we moved to a different unoccupied one. Fortunately, Stanford's CS building is snazzy and has lots of awesome conference rooms. We wound up in a room with a giant table, in between a men's bathroom and a kitchen. I plopped my power stip in the middle, and we got to work.

I felt our teamwork was very solid overall. We played to our strengths - Annelise is great with word puzzles, Josiah does an amazing job of finding obscure things and can jump in to help on pretty much any puzzle, Ankur excels at figuring out answers with insufficient or mistaken information and notices patterns well, and I tend to be decent at throwing down extraction mechanics, know a pile of encodings, and hack together scripts. To top it off, we're all pretty good at catching each other's mistakes. :)

Puzzles that I had a hand in solving:

All told, we got second nationally, and first at Stanford, so we each got a $100 Best Buy gift card. This bodes well for Google Games (upcoming on the 28th). We also earned the distinction of being the only team to complete every puzzle during the competition.

After the brief award ceremony, we hung out on campus with a group of Ankur's friends. Ankur led us to several fruit trees, and picked lots of kumquats from the trees. Apparently Stanford has an online encyclopedia of the flowering plants on campus. After eating kumquats and oranges, we went to The Axe and Palm for dinner. The same building had lots of snazzy meeting rooms, so our team sat down and worked for a bit on our puzzle hunt. Annelise and Ankur focused on finalizing the t-shirt design, and Josiah and I played puzzle-doctor for a particularly broken puzzle. After toying with a decent number of options, we rewrote

And then, all of a sudden, it was 23:00, so I drove us back to Berkeley. I dropped Ankur at his residence, then joined Josiah and Annelise for a cup of tea and another hour of coding for our puzzlehunt website.

It was a good day, and I'm looking forward to hunting with that team again. :)

2012-04-12 | 0 comments

I'm a bit behind on the ol' blogging again.

Saturday:

Peter Bailis organized a trip to go hiking at Mount Tam, which gathered 8 folks. Dave Moore picked up Greg, Sarah, and me at some unholy hour like 8am and drove over. There were some curvy mountain roads, which were being expertly navigated by the five Ferraris (no joke!) in front of us and the one behind us. Dave was keeping pace in his Subaru, which was a combination of awesome and terrifying. My right arm got a workout gripping the handle on the door.

Dave keeps pace with the Ferraris
Dave keeps pace with the Ferraris

We passed over a tiny wet patch on the road, to which Dave quipped "I was excited right when I went over that wet spot, because even if it was for just a fraction of a second, I had better acceleration than the Ferraris." We all laughed.

We met up with Peter, Claire, Austin, and Philip when they too arrived in the outskirts of Stinson Beach. From there, we set out on the 7 mile trail, which was lovely. There were a bunch of chalk arrows on the trail pointing in the opposite direction of our path - apparently there was some Team in Training event going on on the trail.

After we finished the hike, we drove to the summit (which would have been a 14 mile hike, which some of us were not up for) and ate lunch at a picnic table.

Peter took lots of pictures with his hipster black-and-white film camera, and he taught me some of the science behind photography. I only had my phone with me, so apologies for the below-average image quality.

Claire passes between two giant redwood trees
Claire passes between two giant redwood trees

Peter switches rolls of film in his camera
Peter switches rolls of film in his camera

Austin, Peter, and me on a tall rock at the peak
Austin, Peter, and me on a tall rock at the peak

Peter.  You can see the Bay Bridge and SF in the distance.  While you can't see it in this picture, we could also see the Golden Gate from this vantage point.
Peter. You can see the Bay Bridge and SF in the distance. While you can't see it in this picture, we could also see the Golden Gate from this vantage point.

Sunday:

Worked on the Berkeley Mystery Hunt website. I'm learning Django!

Monday:

Excellent day. Moxie Marlinspike, perhaps one of the world's greatest experts on attacks on SSL (secure web browsing), came and gave a lecture (much like his BlackHat 2011 talk) on the problems with the CA system used to provide security on the web. He described the missing piece in today's system as "trust agility" - the ability for users to revoke their trust in a CA (or any trusted third party) at any time without loss of functionality.

Moxie has a project called Convergence that provides such a system. It's based on the concept of network perspective - a man-in-the-middle attack typically makes a site look different (from a computational perspective), and so if you can approach the site the from many places, you can see the discrepancy, and know not to trust the fraudulant cert. It's quite cool, and one of my friends is trying to implement it for Chrome.

I find the whole project inspiring. If anyone can fix the CA problem, it will be Moxie and his collaborators - he is asking the right questions.

We had cooking club as well, which meant that I missed having dinner with Moxie and the other security folk, but Jon Long made Beef Wellington, and it was amazing. There was also fresh bread, a spinach salad, quinoa salad, and cheesecakes. I was so full I had to lie down for a spell.

Tuesday:

It was raining all day. I paid my car insurance.

Wednesday:

The Campus League of Puzzlers met up for a meeting. Our puzzlehunt is coming together! I'm a little afraid that it will barely be done in time, but our plans are becoming more and more complete as the days go on.

Our meeting ended at 20:00. I managed to catch the 20:08 BART to SF, where I met Patrick Bogen, his friend Renee, Matt Mullins, David Mackey, and Joe Cabrera at the Beast and Hare for dinner. I had rabbit stew, lamb bacon (very tasty!), and a slice of carrot cake. We chatted for a while, and then I went home and slept.

Thursday:

I finished hacking up the website for our user study, which included learning how HTTP file uploads work. Yay research.

2012-03-31 | 1 comment

Today I resealed the cork on my Birkenstocks. Yay.

TL;DR for the rest of the post: PRIVACY RANT PRIVACY thoughts RANT

There's been some himhawing about the Internet lately over an iPhone app called "Girls Around Me" which has become a posterchild for "social media privacy wake-up call". The app itself takes public Foursquare checkins and cross-references them with Facebook accounts. Read this article explaining why that's creepy.

Now, the app has had its Foursquare API key pulled and has been removed from the iTunes store.

Several people have written interesting responses about the incident. Parker Higgins compares Girls Around Me to Firesheep. Charlie Stross makes an eloquent case for how social networks are financially incented to structure their products to mislead their users or at least intentionally avoid educating their users about privacy. It's how they make their advertising money, after all.

To me, I see the problem of privacy as having (at least) two large facets: informed consent and control of context. Informed consent means the user must understand the risks and implications of the action they are going to take (say, sharing their information with a web service). Control of context means that the user is in charge of where that information can be disclosed - I may be fine talking to my colleagues or family about things that I wouldn't want shared with everyone on the street. Surely you can relate.

Here, users are inadequately informed of the implications of sharing their information, so even though they've "given consent" to the system, they don't realize the impact that could have. Second, once they've handed this information to a platform like Facebook or Google+ or really, any social media product, they are letting whoever runs that product be in charge of the context that information is used in. And so many platform owners make APIs that let third parties use the data that there's little control left to the user. The concept of communications defaulting to private the way we'd expect in real life no longer works on these platforms. I'm not trying to ignore Facebook's privacy controls nor Google's circles concept, but far too few people understand what's going on here, and the (profitable!) default is to share everything. Some part of me thinks that people who don't think about these topics get what they deserve, but I digress.

Switching gears (but still within the broader topic of privacy): Al Franken raises concerns over the power of dominant tech firms (pdf for the brave). While I don't appreciate his support of SOPA, I'm inclined to agree with him here on issues of antitrust. A couple lines struck a particular chord:

"The more dominant these companies become over the sectors in which they operate, the less incentive they have to respect your privacy."

"And so when companies become so dominant that they can violate their users' privacy without worrying about market pressure, all that's left is the incentive to get more and more information about you. That's a big problem if you care about privacy, and it's a problem that the antitrust community should be talking about."

To those who would claim to not care about privacy, I need only point to the previous section of this post to explain why such a cavelier attitude in general might be unwise. While obviously Google isn't about to publish all of their users' searches everywhere, and Facebook isn't about to yank all security controls, there's a concerning amount of homogeneity. We're there, and like the US government's budget failures, I suspect that this will become clear to the public only once it has become too late.

There's a place for startups here - ones that will respect the privacy of their users. DuckDuckGo comes to mind. The hard part is making sure that they'll remain that respectful even when they start to succeed, or when the cost of doing so means their economic failure when they have to compete with larger, less-scrupulous competitors.

In the meantime, I'll stick to personally running as many of the things I use as I can, like this website and a number of other services upon which I rely.

I'll probably continue to spend a certain amount of effort to stay in personal control of my image and my communications and be looked upon as a paranoid phobiac with silly concerns who makes it hard for people to interact with him and stay in touch.

2012-03-25 | 5 comments

I went skiing at Tahoe this weekend!

Allie and Ryan Janoch, Paul, Judy, Jon, and I drove out Friday evening. We'd actually planned to go last weekend, but it had been raining all week in Berkeley (which means it was probably snowing in Tahoe) and there was a bit of a blizzard. Mountain passes in a blizzard are no fun, so we opted to put the trip off until this weekend.

Friday

I rode with Paul and Judy for the ~3 hour trip. It was mostly uneventful - we stopped at a Whole Foods to grab some dinner, and I took a nap. We had minor navigational difficulties in finding the condo we were staying at on account of the GPS failing to know about the street the condo was on and all of us having difficulty locating it on our phones. Eventually, after a bit of turning about in Nevada, we prevailed in our lodging-locating expedition and unpacked.

The place was nice - two-story, three bedrooms, two bathrooms, a snazzy well-furnished kitchen, washer and dryer, a foosball table, a couple couches, and some wooden mats that looked like giant coasters for people to sit cross-legged on.

After we settled in a bit, we took a trip to the local Safeway to get breakfast foods. We wound up with something like $60 of yogurt, fruit, granola, eggs, bread, veggies, and beverages. Paul made Tequila Sunrises, which are surprisingly tasty. Judy sliced some fruit, including a kiwi, which made my mouth tingle in a weird way. Apparently, kiwis contain raphides which enhance the effects of actinidin, which I may be allergic to. Maybe that's why I haven't eaten kiwifruit since I was a small child. We watched the first episode of Firefly, which ended just about the time Jon, Allie, and Ryan arrived. We all went to bed so we could get up at a reasonable hour and hit the slopes in the morning.

Saturday

I wound up setting the time for the alarm, but failed to switch the alarm to the correct mode, so my 08:30 planned wakeup turned into more of an 09:17 wakeup. I probably needed the sleep anyway.

I ate a fried egg on toast and some yogurt, strawberries, grapes, and banana topped with granola for breakfast. Gotta fuel up for the day!

Allie and Ryan have season passes at Heavenly, so Jon and I got $10 lift ticket discounts for being their guests. Heavenly has fancy RFID cards for their lift tickets that they can scan through your ski jacket. I am totally going to see if my RFID reader can read it later - probably not, but worth finding out. Jon and I rented equipment. I sprung for the performance skis and a helmet. I will never ski without a helmet again, after what happened on my previous ski trip. Ask me about it in person some time, if you haven't heard the story before.

The winds were fierce, and most of the lifts and trails were closed. Those that were open still were somewhat crowded (Saturday is unsurprisingly the busiest day at ski resorts). The snow conditions weren't great - a bit slushy, a bit icy, and in a couple places, winds so strong they'd almost blow you uphill. Most of the runs that were open weren't great, but it was a decent chance to get back into the swing of things, since I think the last time I skied was in 2010. Allie and Ryan decided not to ski - season pass holders can be choosier about when they ski. Ryan also had an ankle injury, so he probably shouldn't have been skiing anyway. Jon and I stuck it out for the rest of the day, though. I wound up a little sunburnt and windburnt on my nose and cheeks.

That night, Allie and Ryan made spaghetti and meatballs and a salad with a vinaigrette dressing and fresh bread (but the yeast was expired and didn't rise very well, and the oven was weird and burnt the bread, so not so much bread) and pineapple. It was delicious.

I played foosball with Ryan. He is a worthy opponent. After our game, we added Judy and Jon to the two sides and played a couple 2v2 matches. The 2v2s were better than the 1v1 - the table was so frictionless that shots could go right through defenders. With a hand on every handle, though, the game felt much more a challenge of skill. It was noisy and the battles were ferocious.

Later, the six of us played Pass The Popcorn, a movie trivia game. Paul knows movies pretty darn well, and won handily.

We watched The Whistleblower which is definitely not a feel-good movie. I made fruit smoothies (the kitchen had a nice blender!) served in a big red wine glass. Classy.

Jon and I discussed how he wants a device with a three-day battery life that we can use for editing text in the wilderness. Nothing really satisfies this need - e-readers have terrible keyboards, and basically nothing else lasts long enough. Pencil and paper come close, but we need our vim, and handwriting everything gets exhausting. Last time I handwrote more than two sentences, my hand started cramping up. I am so much more productive with a good keyboard.

Sunday

I managed to set the alarm successfully! For future reference, anything short of a puzzlehunt that makes me wake up before 09:00 shall be officially classified as The Enemy.

I made an even bigger breakfast today than on Saturday - a two-egg omelette as the filler for a sandwich on sourdough bread in addition to my fruit-yogurt-granola mix. Mmmm, breakfast.

The skiing was much, much better today. All of the trails were open. Allie, Jon, and I started out on the Nevada side of the mountain, and hit a bunch of glorious trails. Lots of wide trails with good snow. It was a bit colder outside (and we started a bit earlier), so the lifts tended on the cold side in the wind, but I have no complaints! Allie is a speed demon - we let her lead the way (since she knows the trails the best), but she managed to get so far ahead of us that we lost track of where she was and missed switching trails a couple times. I can't blame her - the mountain is great for fast, controlled skiing.

As lunchtime neared, we skied across the border to the lodge on the California side, which was closer to the condo. There was a lot of pole-pushing across flat runs, which was quite exhausting. On the final run, I had a fairly impressive wipeout. I'm not sure if the shaking in my legs that I noticed afterwards was from adrenaline or general fatigue.

We met up with Ryan and Judy and Paul at the lodge for a late lunch. When the weak feeling in my legs didn't go away after eating, I decided that I should probably call it a day before I injure myself, so I returned my rental equipment and got on the road with Paul and Judy. We turned back shortly after leaving when we realized that we hadn't ever refuelled the car (and the gas light illuminated). I'm going to have to remember Paul's excellent technique for turning the car around on a two-lane road when there are a bunch of cars driving fast behind you in your lane of origin, but the lane going the opposite direction is empty and has a shoulder.

I'm home now. I want to watch the rest of Firefly.

2012-03-23 | 0 comments

I spent 7 hours converting every single one of my blog entries to the markdown variant I described a while back. Now they're all pretty!

At some point, I think I should throw all the entries in my AeroFS folder. Then I could write them locally even if I don't have internet and they'd automagically sync up when I'm connected again.

On the topic of parsing: I found this video from PyCon 2012 interesting. The results were basically what I had concluded when trying to parse dokuwiki - lots of interesting grammars (like wiki markups!) are context-sensitive, for which you need either lots of lookahead assertions (ugly) or PEGs (fairly young, not widely supported, and less performant). I have some more references for building a better dokuwiki parser now, though, if I wanted to make one true to the original syntax.