March 31, 2004

EG turns 5000

According to Sitemeter, for the first time ever this month EG got over 5000 "visits" (Whatever that means. Defining a visit isn't an exact science...) Good work, comrades, and keep clicking.
Posted by ekr at 09:40 PM | Comments (1) | TrackBack

Tradition... it's what keeps us on the roof

It's pretty easy to write a story about people's response to contrary evidence:
  • People have been doing X for years based on anecdotal evidence or theoretical arguments about why X should work.
  • Someone does a controlled study and concludes that X probably doesn't work.
  • Practitioners say "we think it works anyway".

This AP article about stretching and fitness provides a pretty good example of the form. Basically, some people at CDC did a review of the literature and concluded that the evidence didn't support stretching for injury prevention. The article concludes with:

Two other researchers said, however, that there may still be value in the stretches that coaches require, and athletes do.

Lynn Millar, a professor of physical therapy at Andrews University in Berrien Springs, Mich., said her experience in treating people with injuries tells her that those who don't stretch may find they can't move their arms and legs as far as they used to, and this could set them up for injury.

"Unfortunately, a lot of us don't have a normal range of motion," Millar said.

Stephen Rice, director of the sports medicine center at Jersey Shore University Medical Center in Neptune, N.J., said he values the experience of trainers and athletes.

Flexibility is an element of fitness, and stretching ought to make a person more flexible, Rice said. "I would say the conventional wisdom has a certain amount of wisdom to it," he added.

This phenomenon isn't unique to medicine. The response to Gilovich and Tversky's work demonstrating the non-existence of the Hot Hand in basketball (here is a particularly choice piece) was almost exactly identical. (See here for a nice web page on the topic). Humans just have a terrible time distinguishing random from non-random behavior, perhaps because our internal pattern-detecting machinery is too good. And of course, once you think you've detected a pattern--and spent years acting on it--commitment and consistency make it very hard to give up your beliefs.

Thanks to Kevin Dick for pointing me at the SF Gate article and suggesting the generalization of the observation.

Posted by ekr at 08:42 AM | Comments (42) | TrackBack

March 30, 2004

Yet more on paternalism in medicine

DB follows up:
Let me try again. Many patients make their own decisions regardless of our recommendations (and remember, we prescribe we do not force feed medications). I guess a well educated patient might be able to figure out a complex medication regimen. But it really is unlikely. I guess I could treat myself - but we do have a saying about that - "The doctor who treats himself has a fool for patient".

So I must endorse this form of paternalism. Physicians have the training and experience to juggle the multiple conditions and disease manifestations. We should include the patient in our decision making - but we should recommend and recommend strongly a treatment course that best fits the available evidence. For that I do not apologize!

Medpundit expresses similar sentiments:

I can't say I agree with all of his points. There are some drugs, like prescription allergy medication, and ulcer medication which are fairly harmless and don't really need monitoring or the help of a doctor to decide whether or not they're needed. But there are others - heart medications, cancer drugs, blood pressure drugs, etc. that either need the expertise of a physician to make the correct diagnosis for their appropriate use or that need to monitored closely for potential side effects. Even drugs as seemingly benign as blood pressure drugs need to be monitored periodically to make sure they aren't having adverse effects on the kidneys or, in some cases, the heart or the balance of the body's electrolytes. That isn't being paternalistic, just responsible.

Both of these responses seem to me to miss the point. Sure, one should generally have a professional diagnose one's medical problems and control one's drugs. But one would also probably be better off letting a professional work on one's car transmission, do one's taxes, or, to draw an example closer to my heart, design one's computer security system rather than trying to do it oneself. Certainly 99% of the time the professional would do a better job, but only the customer can decide whether that justifies the inconvenience and expense of seeking a professional.

What's paternalistic is that in the medical field--as opposed to computer security or auto repair--the professionals have managed to lobby to make it illegal for people to serve themselves. There are lots of fields that are so complicated that one could argue that consumers would be better off hiring a professional--in fact this is the standard argument that guilds have used to justify legislated monopolies for centuries. Neither DB nor Medpundit seems to me to have made a particularly good argument for why they should be able to use the force of law to maintain that monopoly.

Posted by ekr at 03:18 PM | Comments (53) | TrackBack

When is paternalism justified?

DB from DB's Medrants responds to McBride's article on prescriptions and paternalism:
Trent hypothesizes that making patients come to the doctor for prescriptions represents the ultimate form of paternalism. I will disagree to some extent on his proposed solutions.

Yes, prescribing medications is paternalistic. But then I do not assume that all medical paternalism is bad.

If you have congestive heart failure, I have a complex drug regimen to prescribe. Adjusting these medications requires repeated visits. I must understand the side-effects of each medicine, alone and in combination. I must consider your renal function, and your electrolytes. Finally, I must prescribe the medications with an understanding of your other medical problems (and few patients have CHF alone).

So to provide the highest quality care, I believe that I must be paternalistic. In that sense paternalism is not a bad attribute.

I think DB is missing something important here. Sure, if you want high quality medical care and you're not medically sophisticated you want to be under the supervision of a doctor. The problem is that it's legally mandated. There's no law against me working on my own car, but when I have a transmission problem, I don't drop the tranny in my garage--I take it to a mechanic. (To tell the truth, I take it to a mechanic to have the wiper blades changed). So, I think if you want to have mandatory paternalism, you really have to explain why people aren't able to decide for themselves whether they want close monitoring. In my view, DB doesn't do that satisfactorily.

Posted by ekr at 08:10 AM | Comments (51) | TrackBack

Paternalism, medicine, and prescriptions

There's an interesting article by Trent McBride arguing that the requirement that patients obtain a prescription in order to get most drugs is a bad thing.

McBride doesn't use the term "rent-seeking" but nevertheless describes the phenomenon pretty clearly:

That's a pretty raw deal. But if patients lose, who gains? The benefits have to accrue somewhere. And they accrue right into the lap of physicians. Under the pretenses of patient safety, we have supported a system that restricts access to drugs so that patients will be more reliant on our care. By placing ourselves at the top of the drug information hierarchy, with the government's blessing, we have created a system that artificially increases demand for our services (thus increasing fees), stresses the service capability of the health care system, and very possibly causes harm to patients.

I generally agree with this line of argument, but there's one part of the article that doesn't make much sense:

To switch gears, let's look at two recent examples of drugs that switched to OTC status to much fanfare. In 2003, the heartburn medication Prilosec was granted OTC status. Its price quickly fell from $4 to $1 per pill. In 2002 the allergy medication Claritin underwent the same transformation with a similar fall in price. It amazes me that I have actually heard some physicians say they didn't understand why. When the gatekeeper was removed, supply was no longer artificially restricted and the price was bound to fall. (Claritin was complicated by the fact its patent was set to expire. However, its price fell independent of its patent expiration.)

(Sidebar: As an example of the perverse incentives of health insurance, while the price of the medicines fell, the price the patients had to pay out-of-pocket actually increased because OTC meds are not covered by health insurance plans or Medicare. So patients had the incentive to buy the more expensive medicines, increasing the costs for everyone.)

Let's take a step back here: it's true that overall cost to the consumer should drop when the supply is unrestricted, but that doesn't mean that the street price should go down, as a large part of the overall cost is rents collected by physicians. The Claritin issue is complicated by patent expiry, but I suspect that in the case of Prilosec, what happened was that there were a lot of people to whom Prilosec wasn't worth $4/pill but it was worth $1/pill. In fact, many of them were probably being prescribed Prilosec but their insurance was paying for it! When it went OTC, they had to bear the full burdened cost (often because their insurance company stopped paying, which is often from whence the pressure to go OTC comes) and so the company had to drop the price in order to sell. The other likely effect is that Astra-Zeneca is trying to get enough Prilosec brand recognition to avoid getting completely hammered when generic Prilosec OTC comes out.

Note: Fixed "restricted" -> "unrestricted". Error pointed out by Christian Murphy.

Posted by ekr at 08:06 AM | Comments (28) | TrackBack

March 29, 2004

Do doctors wash their hands enough?

Atul Gawande has an interesting perspective in the latest NEJM. Basically, doctors don't wash hands that well between patients. Doing a proper job takes a minute or so, which can seriously cut into patient care time:
Even with the right soap, however, proper hand washing requires a strict procedure. First, you must remove your watch, rings, and other jewelry (which are notorious for trapping bacteria). Next, you wet your hands in warm tap water. Dispense the soap and lather all surfaces, including the lower one third of the arms, for the full duration recommended by the manufacturer (usually 15 to 30 seconds). Rinse off for 30 full seconds. Dry completely with a clean, disposable towel. Then use the towel to turn the tap off. Repeat after contact with the patient.

Almost no one, of course, adheres to this procedure. It seems impossible. On morning rounds, our surgery residents may visit 20 patients in an hour. The nurses in our intensive care unit typically have a similar number of contacts with patients requiring hand washing in between. Even if you get the whole cleansing process down to a minute per patient, that's still a third of staff time spent just washing hands. Such frequent hand washing can also irritate the skin, which can produce a dermatitis, which itself increases bacterial counts.

Less irritating than soap, alcohol rinses and gels have been in use in Europe for more than a decade but for some reason are only now catching on in the United States. They take far less time to use -- only about 15 seconds or so to rub a gel over the hands and fingers and let it air-dry. Dispensers can be put at the bedside more easily than a sink. And at alcohol concentrations of 50 to 95 percent, they are more effective at killing organisms, too. (Interestingly, pure alcohol is not as effective -- at least some water is required to denature microbial proteins.)

Still, it took Yokoe more than a year to get our staff to accept the 60 percent alcohol gel we have recently adopted. Its introduction was first blocked because of the staff's fears that it would produce noxious building air. (It didn't.) Next came worries that, despite evidence to the contrary, it would be more irritating to the skin. So a product with aloe was brought in. People complained about the smell. So the aloe was taken out. Then some of the staff refused to use the gel after rumors spread that it would reduce fertility. The rumors died only after the infection-control unit circulated evidence that the alcohol is not systemically absorbed and a hospital fertility specialist endorsed the use of the gel.

I can empathize with this. Like a lot of triathletes, for whom getting sick means two weeks of lost training, I'm hypercareful about washing my hands before eating. Even that is a major pain in the ass. I can't imagine what it must be like to have to wash your hands 20 times an hour. That said, the resistance from the hospital staff to the alcohol gels is kind of depressing. The science showing they're better has been out there for a while.

That said, it's not clear what the payoff is:

With the gel finally in wide use, the compliance rates for proper hand hygiene improved substantially: from around 40 percent to 70 percent. But -- and this is the troubling finding -- hospital infection rates did not drop one iota. Indeed, the MRSA and VRE infection rates have continued to rise. As of the day I write this, 63 of our nearly 700 hospital patients have become colonized or infected with MRSA, and another 22 have acquired VRE -- unfortunately, typical numbers for an academic hospital.

So, the obvious question at this point is: would better compliance actually help? Maybe we're at the point where anything short of completely sterile procedure just doesn't make that much difference. Or maybe other kinds of washing, like cleaning surfaces more often, would produce more bang for the buck. I haven't read any studies on the cost/benefit ratio in this region, but it would be good to see some.

Posted by ekr at 05:42 PM | Comments (43) | TrackBack

A fine line...

I figure the line between brilliant but insane and insane but brilliant is drawn just between Noam Chomsky and Julian Jaynes.
Posted by ekr at 06:22 AM | Comments (5) | TrackBack

March 28, 2004

When can I get my home AIDS test?

The FDA just approved a 20 minute HIV test that works from a saliva sample instead of a blood draw [*].
The new test uses the same technology and works as quickly, but with saliva, which is hundreds of times less infectious, and therefore less dangerous to the tester.

It uses a plastic stick with a pad that is rubbed against the gums and put in a vial of reagent solution. Within 20 minutes, if the result is positive, two reddish-purple lines appear on a window on the handle.

The company says the new test can detect H.I.V. antibodies as soon after infection as earlier tests can -- roughly six weeks, though the time for each person varies.

For now, it can be used only in certified laboratories, but Dr. Lester M. Crawford, the acting commissioner of food and drugs, "strongly urged" the company yesterday to apply for a waiver that would let the test be used in simpler settings, like neighborhood clinics.

With such a waiver, Mr. Gausling said, "anyone with a seventh-grade education can administer the test if they can read instructions."

Dr. Fauci said he thought it was "almost certain" a waiver would be granted.

This kind of test would be ideal for home usage. You can already get home HIV tests, but they're not self-contained. You have to send your sample into a lab for testing. This test sounds like it's completely self-contained, like a home pregnancy test. When can I expect to see it being sold over the counter?

Posted by ekr at 10:03 AM | Comments (3) | TrackBack

March 27, 2004

Witty worm...

Colleen Shannon and David Moore at CAIDA have published an analysis of the spread of the Witty worm. Here are some high points (from the front of the report):
  • Witty was the first widely propagated Internet worm to carry a destructive payload.
  • Witty was started in an organized manner with an order of magnitude more ground-zero hosts than any previous worm.
  • Witty represents the shortest known interval between vulnerability disclosure and worm release -- it began to spread the day after the ISS vulnerability was publicized.
  • Witty spread through a host population in which every compromised host was doing something proactive to secure their computers and networks.
  • Witty spread through a population almost an order of magnitude smaller than that of previous worms, demonstrating the viability of worms as an automated mechanism to rapidly compromise machines on the Internet, even in niches without a software monopoly.

Well, that's sure good news!

Posted by ekr at 08:15 AM | Comments (5) | TrackBack

The "Pirate" bill...

Leahy and Hatch have proposed the Protecting Intellectual Rights Against Theft and Expropriation Act (PIRATE) (I hate these stupid names.) The intent is to have federal prosecutors file civil lawsuits against P2P file swappers. Check this part out:
"Copyright owners and the entertainment industry in particular have been frustrated that the [Justice Department] hasn't been willing to take this on," von Lohmann [from EFF -- EKR] said.

He said that the legislation is the latest in a string of industry-backed proposals to broaden the government's copyright enforcement power. "Every one of these proposals has been at the behest of the industry, not at the behest of the DOJ."

The Justice Department did not ask for the authority that the legislation provides, said Senate Judiciary Committee spokeswoman Tracy Schmaler.

Justice Department spokesman Charles Miller declined to comment.

If such a bill passed, the Justice Department could be forced to join the fray, von Lohmann predicted. "Once that power is there, the pressure on them to actually use it will become all the more intense. The drumbeat here is that the entertainment industry would really appreciate it if the DOJ would do their dirty work for them."

It's important to remember how all this works. The existence of music and videos with near-zero marginal cost of production creates a large amount of surplus (the difference between what the customers would pay and what the media could be produced for). Before the Internet, the media companies were extracting most of this surplus because they controlled the distribution channel. The Internet shifted the balance of power back.

Now, the record companies want the government to remove the Internet option, thus letting them extract more of the surplus. That's perfectly understandable, but it's not clear why taxpayers should pay a lot of money for tighter P2P enforcement, thus enabling us to pay more money for CDs and DVDs.

Posted by ekr at 07:52 AM | Comments (1) | TrackBack

March 26, 2004

More forensics goodness

Check out this article in the New Scientist. Apparently one of the "diagnostic signs" for "shaken baby syndrome" isn't actually supported by any real empirical evidence (see the original British Medical Journal article and the accompanying editorial.) I sure hope people aren't being put in jail based on this kind of evidence alone.
Posted by ekr at 08:51 PM | Comments (10) | TrackBack

MD5 is too secure already

/. has a note about the MD5CRK project. Somehow I missed this when it first came out a few months ago because otherwise I would have dumped on them then. The goal of the MD5CRK project is:
This project aims to find collisions in outputs of the MD5 hash algorithm using distributed computing (or a "Chinese Lottery", as mentioned in the previous story). The project will be considered successful if major crypto vendors - and developers in general - move away from the MD5 standard. MD5CRK is a unique distributed attack in that it attacks one of the most actively used crypto-related algorithm and will provide loads of data for crypto research. Other related projects only seek to decrypt a string of characters specifically encrypted to be attacked.

To understand why this is silly you'll need some background.

What a hash is
A hash is a function that turns an arbitrary message into a fixed-length string which is characteristic of the input message, as in:

H = Hash(M)

A cryptographic hash has two desirable properties.

  1. It should be difficult to go from H back to M (though it's easy to compute H given M). This property is called irreversibility.
  2. It should be difficult to find two messages M and M' that have the same hash value H. Such a pair is called a collision and this property is called collision resistance.

The security of MD5
With a perfect hash algorithm, the best attacks are by brute force. So, if you're given some hash value H, the fastest way to find a message M that hashes to H is to generate a bunch of candidate messages and hash them until you find one that matches. This takes about as many trials as the number of possible hashes. For instance, if you have a 128-bit hash function like MD5, it takes an average of 2^127 hash operations to find a message that hashes to a given value. 2^127 is such an enormous number that it's impractical to mount this kind of attack on MD5.

Now, here's the important part for the MD5CRK project: finding collisions is easier. On average, if it takes N operations to reverse a hash function, it takes about the square root of N operations to find a single collision. This fact is often known as the birthday paradox. 2^64 is a big number, but it's not totally out of the range of possibility to do a distributed computation of this size. It's long been known that MD5 was theoretically vulnerable to this kind of attack, and what the MD5CRK project plans to do is demonstrate that it's feasible in practice.

So what if we find a collision in MD5?
So, say we demonstrate that MD5 can be attacked this way, what does it mean?

Hash algorithms are used for a bunch of purposes in cryptographic protocols:

  1. Documents are hashed prior to being digitally signed.
  2. As a primitive in the construction of symmetric Message Authentication Codes (MACs).
  3. As a component in various kinds of pseudorandom number generators and pseudorandom functions.

Let's take a look at how hashes are used in the common SSL protocol.

  1. When the client connects to the server, the server provides its certificate. This certificate is signed by a certificate authority. The way that this works is that the Certificate Authority (CA) first hashes the certificate to reduce it to a fixed string and then signs the hash result.
  2. The client generates a random key and encrypts it under the server's public key (this doesn't use hashes).
  3. Once the client and server share a key, the client and server independently use hashes in a pseudorandom function to expand the shared key into a series of traffic keys used to protect future communication.
  4. The client and server use MACs based on hashes to provide authentication and message integrity for their communications.

Now, the security of the key generation doesn't depend at all on collision-resistance, nor does the security of the MACs used to protect traffic.

The MD5CRK guys argue that collisions are a threat to the certificate infrastructure.

The problem of attacking MD5 is no longer a theoretical matter - it is a business proposition. We intend to find a collision and spend very little money doing it. The grand total thus far is $0.

However, if someone were to invest the $100,000USD required to build an MD5 machine they could forge digital signatures, circumvent password systems and tamper with sensitive, protected documents without detection.

To raise awareness we will find at least two strings of printable text that produce an identical MD5 hash. After each MD5 transform, the 128 bit (16 byte) hash is translated into a 32 character string. This 32 letter string becomes the input to the next MD5 transform and so on. To map the 16 byte digest into a 32 letter string we use the 16 most common letters used in the English language as our radix alphabet in the likely chance we get a true English word out of this process.

Unfortunately, it's much more complicated than that. Remember that we're finding collisions, not reversing the hash. So, you can't just construct any certificate you want. The way the attack would work is that you'd have to build two strings, one of which you could convince the CA to sign and one of which was the one you wanted. So, say you know that H("")=H("") the idea would be to get the CA to sign a "" cert, and then you'd turn it into a "" cert by changing the name. And since the hashes match, it would let you impersonate Amazon.

Unfortunately, finding pairs like that is a much harder problem than finding a simple collision. The way that the birthday attack works is that you generate a large number of candidate messages and look for a collision. Since the number of such candidate messages greatly exceeds the number of "interesting" domain names to attack, the probability that any collision you're going to find is going to be useful--in the sense that it lets you impersonate someone you'd want to impersonate--is very low.

Even if you were lucky enough to find such a collision, it wouldn't be very useful. Certificates contain more than just your domain name. And here's the interesting bit: they contain a serial number and a validity period, both of which are chosen by the CA. Whether something is a collision depends on the data that precedes it--having two messages M and M' with the same hash doesn't mean that H(XM) = H(XM'). So, even if you had a useful collision, it wouldn't get you a useful certificate in someone else's name.
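To make the two arguments above concrete (the square-root cost of a birthday search versus a brute-force preimage, and the fact that a collision stops being one once the CA prepends data it controls), here is an added example that is not part of the original post. It truncates MD5 to a small number of bits so the searches finish in seconds; the message formats, the prefix string and the bit sizes are constructed for the demonstration.

```python
import hashlib
import math
from typing import Dict, Optional, Tuple

# Added example, not from the original post: MD5 truncated to `bits` bits so
# that the brute-force figures in the text can actually be measured.


def truncated_md5(message: bytes, bits: int) -> int:
    """Top `bits` bits of MD5(message), as an integer (1 <= bits <= 128)."""
    digest = hashlib.md5(message).digest()
    return int.from_bytes(digest, "big") >> (128 - bits)


def expected_birthday_trials(bits: int) -> float:
    """Expected number of random messages hashed before the first collision:
    about sqrt(pi/2 * 2^bits). For 128-bit MD5 this is a small multiple of
    2^64, which is the square-root figure the text gives."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def find_collision(bits: int) -> Tuple[bytes, bytes, int]:
    """Birthday search: hash distinct counter-derived messages until two of
    them share a truncated hash. Returns (m1, m2, number_of_trials)."""
    seen: Dict[int, bytes] = {}
    trials = 0
    while True:
        message = b"candidate-%d" % trials  # constructed, distinct per trial
        trials += 1
        h = truncated_md5(message, bits)
        if h in seen:
            return seen[h], message, trials
        seen[h] = message


def find_preimage(target: int, bits: int, limit: int) -> Tuple[Optional[bytes], int]:
    """Brute-force search for any message hashing to `target`. Expected cost
    is about 2^bits trials, versus about 2^(bits/2) for a collision."""
    for trials in range(1, limit + 1):
        message = b"guess-%d" % trials
        if truncated_md5(message, bits) == target:
            return message, trials
    return None, limit


def collision_survives_prefix(m1: bytes, m2: bytes, prefix: bytes, bits: int) -> bool:
    """Does H(prefix + m1) == H(prefix + m2) still hold? A prefix models the
    CA-chosen fields (serial number, validity period) that precede the name
    in a certificate. For a well-behaved hash the answer is 'yes' only with
    probability about 2^-bits."""
    return truncated_md5(prefix + m1, bits) == truncated_md5(prefix + m2, bits)


if __name__ == "__main__":
    bits = 20
    m1, m2, trials = find_collision(bits)
    print(f"{bits}-bit collision after {trials} trials "
          f"(expected ~{expected_birthday_trials(bits):.0f}; "
          f"a preimage would take ~{2 ** bits})")
    print("  ", m1, m2)
    # Constructed stand-in for the CA-controlled fields that precede the name.
    ca_prefix = b"serial=0x1234;notBefore=20040326;"
    print("collision survives CA prefix:",
          collision_survives_prefix(m1, m2, ca_prefix, bits))
```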

The MD5CRK guys don't really explain the other attacks they think collisions might enable, so I can't evaluate those claims for sure, but in most cases the security of hash-based systems depends on irreversibility, not collision resistance.

Why should we care?
As you can no doubt tell, I'm having a hard time getting excited about this project. I don't see what the point is. First, MD5 is gradually being replaced, largely because there have been some attacks on MD5 that are more practical than brute force (though the details are still secret). This transition is happening gradually and there's no reason to panic. MD5 is perfectly safe for most of the applications in current use. That said, while I recommend SHA-1 (a stronger hash) for new systems, it's not clear why the MD5CRK guys think it's so important to replace MD5 right away and finding a single collision wouldn't tell us a single thing we don't already know about the security of MD5.

Thanks to Hovav Shacham for discussions about the security of MD5.

Posted by ekr at 03:39 PM | Comments (36) | TrackBack

March 25, 2004


There's a nice piece in today's Slate about the hysteria surrounding OxyContin:
In fact, the entire OxyContin "epidemic" is based on a false narrative that asserts that the majority of OxyContin addicts begin as drug-naive pain patients. The cop the Sentinel profiled was actually a typical Oxy addict--a prior drug user--but his real story wasn't what they wanted. If Bloodsworth had been looking for that, she would have noted that government data shows that 90 percent of OxyContin abusers have also taken cocaine, psychedelics, and other prescription painkillers. Readers would have been informed that investigators specializing in prescription drug abuse say the typical OxyContin addict has a lengthy history of multiple-drug abuse.

The paper also would have highlighted that addiction is the exception, not the rule, among people exposed to opiates. Studies consistently show that pain patients taking opiates are no more likely to become addicts than people in the general population (i.e., exposure alone does not cause addiction). That is to say, only between 1 percent and 20 percent of people in the general population experience a period of addiction to some substance, depending primarily on characteristics such as age, stress, family history of addiction, and mental illnesses. (Depression, manic depression, and schizophrenia all dramatically affect one's risk of addiction.) If you rule out prior abusers, the rate settles at the low end, in single digits. (Rush Limbaugh may be one such example, though we still don't know anything about his possible prior drug use.) Even among people who try the most demonized opiate, heroin, for recreation or in a situation of extreme stress, only a minority will become addicted. While nearly half of U.S. soldiers in Vietnam tried heroin while abroad, only 20 percent of users became addicts. And only 12 percent remained junkies--even though 60 percent of those addicted while in Vietnam tried heroin at least one more time back home. Research by the National Institute on Drug Abuse finds that most people simply don't enjoy the opiate "high," let alone want it daily.

Yet reporters don't like this narrative, so they ignore it. This tired, predictable story line leaves reporters with unsympathetic protagonists: Who wants to read about scummy addicts scamming doctors? Grandma's back pain making her into a pharmacy robber is much more compelling; unfortunately, it almost never happens.

It's worth reading to get a sense of the hysteria surrounding OxyContin.

It's also worth mentioning that there's nothing particularly special or addictive about the opioid in OxyContin. OxyContin is just a time-release formulation of oxycodone, the same opioid stuff that's in Percocet or Percodan. There are two things that make OxyContin a good drug for recreational use:

  1. OxyContin comes in very high doses. The standard dosage of Percocet contains 5 mg of oxycodone. OxyContin comes in dosages up to 160 mg.
  2. It's pure oxycodone. Percocet is oxycodone plus acetaminophen (the stuff that's in Tylenol) and Percodan is oxycodone plus acetylsalicylic acid (aspirin).

These two properties make OxyContin an attractive target for abuse. You can grind it up and get a very high dose of oxycodone. Even if you could get this many Percocet, you'd end up taking a large dose of acetaminophen--which can easily cause liver damage in doses this high. Percodan would be a little bit better, but high doses of aspirin aren't that great for you either. You can get pure oxycodone, but Percocet and Percodan are more commonly prescribed. So, if you have really serious pain and need high doses of opiates, OxyContin is a pretty attractive choice, especially with the convenient twice-daily dosing. Unfortunately, these properties make it an attractive choice for diversion and abuse as well.

Posted by ekr at 09:49 PM | Comments (1) | TrackBack

Aligning your print heads

I recently got tired of having to leave the house whenever I wanted to photocopy something and so last night I invested in an HP 5510 multifunction fax/scanner/printer/copier. The installation includes one cute feature: like most inkjet printers you need to align the print heads. The way you do this on the 5510 is to print out the alignment page and then scan it into the scanner, which presumably figures out what the appropriate offsets are. Pretty clever...
Posted by ekr at 09:28 AM | Comments (2) | TrackBack

Jack Balkin gets cynical

Here's Jack Balkin on Michael Newdow's pledge of allegiance case:
The Supreme Court heard arguments today in Elk Grove Unified School District v. Newdow, and it is very likely that Newdow will lose. The only question is whether the Court will reach the merits or will dismiss on standing grounds. That's not because the law is clearly against Newdow. Indeed, as William Safire puts it in his column, "The only thing this time-wasting pest Newdow has going for him is that he's right." Rather Newdow will lose because no matter what the existing doctrine says the Supreme Court is not going to hold that government officials' use of the phrase "under God" in the Pledge of Allegiance violates the Establishment Clause. The doctrine will simply be parsed or altered in such a way as to avoid this result.

Newdow's strongest argument is that under the Establishment Clause, government may not itself engage in religious activities or encourage citizens-- and particularly schoolchildren-- to affirm particular religious beliefs. When public school teachers lead their classes in the post 1954 version of the Pledge of Allegiance (which includes the words "under God") it is doing both of these things. Newdow can point to the fact that the Pledge was changed in 1954 due to a lobbying campaign by, among others the Knights of Columbus, to draw attention to the difference between God-fearing Americans and the godless Soviet Union.

And then proceeds to analyze how the Supremes might come to a result that would reject Newdow's case in spite of the fact that he's basically right. Now, no doubt Balkin is right. After all, the Supremes are human just like anyone else and it's very easy to convince yourself that the opinion you want to have is actually in line with the evidence--though this kind of naked political analysis of the Supremes' motives is almost enough to make me agree with Dan Simon's attitude towards the Supremes.

EG readers won't be surprised to hear that I support Newdow's position. I remember being a middle school student and having everyone stand to say the Pledge and feeling that the "under God" clause was an endorsement of a religion I didn't believe in. Now, it's true that I could have refused to say the entire pledge--though I don't think I knew this at the time. Certainly the school didn't make a point of telling us about West Virginia State Board of Education et al. v. Barnette et al. I do remember simply not saying the words "under God" on more than one occasion, and feeling pretty self-conscious about it, though I doubt anyone else noticed. For the sake of that kid and others like him I'd very much like to see Newdow win. However, if we're going to lose I at least hope that the Supremes will reject Newdow's case on standing grounds, leaving us the chance of taking another run at the wall in 5 or 10 years.

Posted by ekr at 06:34 AM | Comments (42) | TrackBack

March 24, 2004

A million here, a million there, and soon you're talking about real money

Here's something else interesting about the Procket story:
Procket has been one of the most closely watched start-ups in Silicon Valley, having raised more than $277 million in funding. It is currently working on another round of funding, which will be used to help build out the company's sales force and marketing efforts, said Hayward.

$277 million! Holy crap!

And what with Tony leaving and all, that $277 million isn't looking like that wonderful an investment. Is Alan Greenspan going to have to step in to save the tech economy in some Silicon Valley version of the Long-Term Capital Management bailout?

Posted by ekr at 05:48 PM | Comments (1) | TrackBack

So much for Procket

is carrying the not-totally-surprising news that Tony Li has left Procket [*].
Li, who helped found the company along with Bill Lynch and Sharad Mehrotra, had reportedly tried to quit several times in the past. According to several sources close to the company, Li did not get along with Randall Kruep, the former CEO of Procket, who resigned from his post in June 2003.

Li is viewed as a guru in the routing software industry, having helped create the software used to build Cisco's flagship GSR 12000 platform and Juniper's original core router, the M40. Li also reportedly quit his jobs at both Cisco and Juniper.

If you're not an industry insider, this last sentence is kind of puzzling. Of course Tony quit. How else do you leave a job besides being fired/laid off? Puzzling, that is, unless you've heard the stories about how Tony left Cisco. Here's one version, as told to me by an informant who wishes to remain nameless:

Tony Li posted to a public Cisco mailing list (I think it was Someone was asking about brokers or complaining about Smith Barney perhaps (the default Cisco broker for ESPP and Options). Tony posted something along the lines that brokers should or [sic.] offered to give good customers blow jobs.

HR called Tony's boss. Tony's boss Stuart [Stu Phillips] chastised Tony and asked him to publicly apologize. Tony doesn't normally suffer fools gladly, but was so pissed off that he went back to his desk, wrote his letter of resignation, and nailed it to Stuart's door with basically a railroad spike.

The "nail" had been around Tony's office for quite some time, because a customer gave it to him in appreciation for Tony's job at the time (fixing OSPF in IOS) which he described as nailing shut all the doors in the Winchester Mystery House.

In this case, I think "reportedly quit" may be code for "didn't leave under the best circumstances but we'd rather not claim that publicly".

Posted by ekr at 05:37 PM | Comments (1) | TrackBack

March 23, 2004

I think I've got one of those actuators in a box somewhere...

NASA has discovered that the gears on one of the actuators that drives the rudder were installed reversed [*]. This doesn't really surprise me. The space shuttle is really complex and there are bound to be ways to screw up the assembly process that could cause catastrophic failure. Though it's certainly arguable that we might want to design a system that was less complex, that's pretty clearly not going to happen, any more than it has happened with software, which is very susceptible to the same kind of problem.

What's a little scary here is the fix:

Discovery's original actuators are being scrapped, because the course of corrosion is hard to predict, and a small chip falling off could jam a gear. The replacement actuators will be repaired and returned to Discovery.

There had been concern that actuators would not be available for Atlantis, which must be ready for a possible rescue mission when Discovery launches.

However, NASA has found two spare actuators, and has 94 per cent of the parts needed to build two more, Parsons said. He says the remaining parts could come from actuators being removed from the least-flown shuttle, Endeavour. That leaves Parsons "feeling pretty comfortable" about meeting the timetables needed for a return-to-flight launch of Discovery in March 2005.

Let me see if I have this right: NASA is so low on spare parts that they can't fly two shuttles at once without cannibalizing a third? What kind of operation is this? I understand that they can't drive down to Fry's for a replacement actuator, but isn't that even more reason to keep all the parts you need on hand?

Posted by ekr at 07:24 AM | Comments (1) | TrackBack

March 22, 2004

The moon's resources

There's an interesting article in the March 12 Science (subscription required) about the resources on the moon. It seems to be pretty unclear how significant the alleged resources are.
Helium. Even more valuable in the long run may be a much rarer legacy of the solar wind, helium-3. Only Earth-bound humans would benefit, however, and even its enthusiasts acknowledge that it's a long shot.

Helium-3 is attractive because it can fuel an advanced fusion reactor. A helium-3 atom combined with a hydrogen-2 (deuterium) atom or with another helium-3 releases a great deal of energy with relatively little radioactive waste. "If we replaced all the electrical power plants in the United States with [helium-3/deuterium] reactors, you'd need only 40 metric tons to produce all the electricity needed in 2004," says Gerald Kulcinski, a physicist at the University of Wisconsin, Madison. Only a few hundred kilograms of helium-3 are accessible on Earth, he says, but the lunar regolith harbors millions of tons of it.

Several factors make mining helium-3 a dicey proposition. For one, most of the solar wind strikes the lunar farside, which faces the sun when the moon's orbit takes it upwind of Earth's magnetic shadow. But ilmenite, the only lunar mineral that traps helium-3 effectively, is more common on the moon's nearside. Wherever it crops up, even helium-3-rich lunar soil won't contain much of the gas. "It'll be a little better than 10 parts per billion by weight," says Timothy Swindle, a geochemist at the University of Arizona in Tucson. "To make a dent in the world's energy needs, you're going to have to mine a large fraction of the surface of the moon." Physicists will also have to create a working helium-3 reactor--no easy task, considering that decades of research have yet to produce a fusion power plant of any sort. And, of course, someone will have to ship all the helium back to Earth.

Doesn't sound incredibly promising...

Posted by ekr at 10:06 PM | Comments (1) | TrackBack

Statistical quality control and you

As I mentioned below, when you make computer chips that differ only in clock speed, you often do so by making a bunch of chips and then measuring the maximum speed attainable by each one. Of course, the distribution of chip speeds is then determined by the yield of the manufacturing process, and there's no guarantee that it matches the customer demand curve for chips of different speeds. You can adjust the manufacturing process somewhat, but mostly this amounts to making the quality control more or less tight. Often what happens is that the manufacturer finds themselves in a situation where they're making more fast chips than they can sell at the going price. One thing they could do is lower the price, but (depending on the exact shape of the demand curve) this might or might not lead to them making more money. (Imagine that the demand curve for fast chips is very steeply downward sloping.) Another option is to just label their fast chips as slow chips and sell them as-is.

This means that if you're a smart consumer and you get one of these downrated chips you can just up the clock speed (called overclocking) and you're good to go. Of course, you're taking a chance that you actually got a legitimately lower quality chip that matches its labelling, in which case it won't work, but that's what you get when you do your own quality control.

Posted by ekr at 07:29 AM | Comments (37) | TrackBack

Manufacturing with less-than-ideal parts

In the modern era of computer-numerically-controlled (CNC) equipment, most people take for granted that we can produce parts with arbitrary degrees of precision. But in the 19th century the watch industry wasn't quite there yet. Up until 1850 or so, good watches were made in a two part process: the rough movement would be made in a mass production process but then the parts would be finished by hand and tuned for high precision. The finishing process is highly skilled so from the manufacturer's perspective it's very desirable to eliminate it. But what do you do if your best manufacturing processes aren't precise enough? Here's Landes again:
There were, of course, some areas where human skill was indispensable. The fitting of balance wheel to hairspring, for example, required a fine hand, and in Europe the one was painstakingly adjusted to the other to ensure isochronous swings. The Americans had neither the time nor the skills. Instead, they made large numbers of balances and springs as close to standard as possible; then carefully sorted them by weight and force. It only remained to pair them by choosing from the right boxes or jars. The same technique was applied to the selection of jewels and pivots: instead of drilling jewels and then making pivots to fit, the Americans turned out an array of both, measured diameters to a ten thousandth or even twenty-thousandth of an inch, sorted the pieces accordingly, and matched them as needed. No need, then, for fine tuning: just choose a target and let statistical distribution take care of the rest.

Modern machining equipment is extraordinarily good and so for most applications we are able to build parts to specification and have them be completely interchangeable, especially as electronics replaces mechanisms for any kind of fine work. However, this kind of statistical quality control still exists in the semiconductor industry. Unlike machining, tuning the chemical processes used to make chips is still somewhat of a black art and there's a fair amount of variation in how good the finished products are. No problem: sell chips in a bunch of different clock speeds. Then make a bunch of identical chips and test them to see what the highest clock speed they'll operate at is. Label and sell accordingly.

Posted by ekr at 07:26 AM | Comments (8) | TrackBack

March 21, 2004

A target rich environment

In the aftermath of the Madrid bombing, Olympia Snowe and Mike Castle have written a letter to Tom Ridge complaining about security in our rail infrastructure:
In the letter to Secretary Ridge, Snowe and Castle outlined the overall discrepancies between the various types of transportation security. They noted that in the Fiscal Year 2004 Homeland Security Appropriations Conference Report, the Office of Maritime and Land Security within the Department of Homeland Security (DHS), which has oversight of cargo and passenger rail security, was funded at $263 million with no funding allocated to Amtrak or commuter rail services to assist with their passenger security efforts. Other transportation avenues have fared better. Of that $263 million, close to half was earmarked for port security grants, $22 million went to highway trucking security, and $10 million for intercity bus security. The Transportation Security Administration (TSA), by comparison, received significantly more funding - $3.7 billion for airport security. Last November $50 million from the Urban Area Security Initiative (UASI) was released to Metropolitan Rail Transit Authorities. Snowe and Castle wrote that this "... was a solid first step but clearly not enough to help our inter city and commuter rail trains enhance their security efforts."

"The 10 bombs which exploded during yesterday's morning rush hour in three commuter train stations in Madrid, Spain killing 190 people and wounding thousands, just as easily could have happened here in the United States. My thoughts and prayers go out to the victims' families. This terrorist attack should be a wake up call for rail security in this country and abroad. For too long, the federal government has made air and port security top priorities while funding for rail security has lagged far behind. Our national homeland security strategy is only as strong as our weakest link," Castle said.

I totally agree that security is only as strong as the weakest link, which is why the obsession with rail security is so misplaced. Airplanes make good targets because they offer a lot of leverage--a small bomb can kill everyone on a plane, maybe hundreds of people. There are very few terrorism opportunities that offer this kind of leverage. By contrast, the Madrid bombings were a factor of 10 less effective, killing an average of about 20 people per bomb.

The reason that train stations make good terrorism targets isn't that they're transportation related but that there are a lot of people packed close together. But they're not unique in that: a crowded mall or sporting event makes just as good a target (see, for instance, Thomas Harris's Black Sunday). So, why don't we see Senators writing letters about how we're not spending enough money on mall security? Aren't people in malls just as important as people on trains? [0]

It should be clear after a little thought that there are way too many soft targets on the level of malls and train stations to make it worthwhile trying to secure them. We need an anti-terrorism strategy that doesn't depend on securing every potential target. Otherwise, the terrorists will just attack whatever we're not defending.

[0] I should mention that it appears to be pretty easy to derail a train. Couldn't you mount an explosive charge on the rails somewhere out in the middle of nowhere and kill a bunch of people that way? I don't see any realistic way to defend against that attack--and there are lots of other attacks just this good. However, as far as I know this isn't what the Madrid bombers did.

Posted by ekr at 06:56 PM | Comments (32) | TrackBack

March 20, 2004

Just like BMWs?

This SJ Mercury article on Intel's great chip renaming compares them to BMW model numbers:
Think of the Pentium as the BMW of computer chips.

Intel executives may hope you do now that they're naming their microprocessors after the Ultimate Driving Machine. Consumer-unfriendly clunkers like the Pentium 4 processor with HT Technology Extreme Edition 3.40 GHz will be traded in for the much sleeker 300, 500 or 700 series.

After years of driving the personal-computer market by promoting the ever-increasing speed of its microprocessors, the Santa Clara chip giant said Friday that new chips will bear names that denote features rather than "clock speed."

Much like teenage boys boasting about the horsepower of their hot rods, Intel engineers staked bragging rights on how much gigahertz their microprocessors packed.

But speed doesn't always equal performance and Intel executives said they also want to promote their chips' other abilities, such as prolonging laptop battery life or enabling wireless Internet access.

And so future incarnations of Intel's entry-level Celeron microprocessor will be dubbed the 300 series. The more powerful and pricey top-of-the-line Pentium chips will be designated the 700 series.

There are two things strange about this. First, while the BMW 3, 5, and 7 series differ in price, primarily they differ in terms of size: the 3 series is a compact sports sedan, the 5 series an intermediate size, and the 7 series a luxury car. In other words, there are tradeoffs other than price. While the 7 series drives about as well as you could expect a big car to drive, if you want something that drives real well, you buy a 3 or a 5 series.

The second unusual thing is that BMW's model numbers do indicate something very equivalent to clock speed: the size of the engine. The last two digits of the model number indicate the size of the engine in liters. E.g. the 540i is a 4.0 liter engine. Like clock speed, engine size is related to, but not directly predictive of, performance. Should we expect the Pentium 520 to be 2.0 GHz?

Posted by ekr at 10:21 PM | Comments (4) | TrackBack

March 19, 2004

Smuggler's insurance

More from Landes:
Watches were too easy to hide and watch duties simply too hard to enforce. Smuggling had become an organized, institutionalized trade. Maybe prohibition might have helped, with body searches of passers-by and house searches without warning, but these were not a feasible recourse in Britain. In the meantime, anyone who wanted to smuggle without risk merely had to pay 10 per cent of the value of the contraband as insurance. This was slightly higher than the premiums charged for shipments across the Jura into France, but was well under the British duty of 50 per cent.

Smuggler's insurance, eh? Ah, the genius of capitalism.

Posted by ekr at 07:34 PM | Comments (2) | TrackBack

Those dastardly Swiss and their cheap imports

The phenomenon of domestic products being displaced by cheaper imports isn't new. In the 1980s it was Japan and now it's China, but in the 19th century it was Switzerland. Here's David Landes from A Revolution In Time:
In spite of legal prohibitions, moreover, the British imported those machines, tools and files that had laid the material foundations of British large-scale watch manufacture in the first half of the eighteenth century. Stop the diffusion of these instruments of production? As well try to stop the tides. All a good Swiss maker needed was one example of a British machine and he could make his own with some improvements thrown in. As for files, they were thinner than pencils and could be concealed as easily as the contraband watches going in the other direction.

Such watches, the British makers affirmed, were substantially inferior to the genuine British product. Perhaps so; although British makers were not above turning out their own rubbish. In any event, the leading London makers declared, Swiss pieces were 'so much cheaper than any that can be made in this country, as to preclude all competition.' All that was left of a once flourishing export trade was bits and pieces in protected territory: English speaking areas such as the United States and imperial possessions such as India. Yet language and habit could not long hold back the flood: the American market was going fast. One watch merchant explained the rout by what would one day become the standard refrain of the hard-pressed British manufacturer: the customer was wrong. The Americans, he noted, 'have always been fond of cheap articles... any thing of a decent watch there, is very little called for'.

Sound familiar?

Posted by ekr at 07:29 PM | Comments (2) | TrackBack

March 18, 2004

One + One

Citizens! Yesterday was the one year anniversary of Educated Guesswork. I'd like to thank all of the people who read the blog and especially those who have taken the time to comment, whether you agree with me or not. I'd also like to thank everyone who's linked to me or told your friends about the blog. After all, what's the point of a blog if nobody reads it?

Our five year plan is proceeding well. I expect to clear 4000 visits for the first time this month, so we're making good progress in our quest for world domination. If we are to succeed we need to redouble our efforts: if you know of someone you think would enjoy the blog, it's your patriotic duty to give them the URL today. We shall not rest until every man, woman and child in the world gets their opinions from EG.

Posted by ekr at 01:25 PM | Comments (1) | TrackBack

Enough with the comments spam

I've just installed Jay Allen's MT-Blacklist anti-spam plugin for MovableType. Maybe this will help cut down on the comment and trackback spam I've been getting. It certainly was easy to install and seems to do its thing seamlessly. It's a little slow to despam the entire site, though...

If you're a legitimate commenter who gets stuffed by it, please let me know and I'll see what I can do to fix the problem.

Posted by ekr at 11:14 AM | Comments (73) | TrackBack

DoS attacks on OpenSSL

The OpenSSL team has released some patches for OpenSSL [*]. Basically, if you're running an SSL server a client can remotely connect to you and potentially cause your server to crash. How much should you worry about this? It's phrased as a DoS attack, but really it's just a specific set of inputs that might cause the OpenSSL server process to crash.

How much should you worry about this? My initial answer would be: not much. First, software crashes. It's a fact of life. Any real program probably has hundreds of conditions that would cause it to fail. If you're writing a server, you need to write it in such a way that it's robust against this kind of problem. For instance, you might have a watcher process whose job it is to notice when the server has crashed and start a new version.

Second, there are even easier "denial of service" attacks on most SSL servers. The conventional way to write a UNIX server program is to fork() off a new process for each client. If a client initiates a connection to the server and then just holds it open it can tie up the server process for long periods of time. The timeouts used to close out stalled server processes are generally on the order of minutes. So, effectively bringing down a single server process is comparatively easy. It's not clear that crashing that server process is any worse.
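The two defensive measures described above, a watcher that respawns a crashed server process and a bound on how long a stalled per-client process may sit idle, as an added example in C. This is not OpenSSL's or the post's own code; the function names, the restart budget and the simulated crash are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* A worker receives the restart count and returns its exit status. */
typedef int (*worker_fn)(int attempt);

/*
 * Hypothetical watcher: fork the worker, wait for it, and respawn it when it
 * dies from a signal or a non-zero exit. Gives up after max_restarts so a
 * deterministic crash does not turn into an endless fork loop. Returns the
 * number of restarts performed, or -1 on failure or budget exhaustion.
 */
int supervise(worker_fn worker, int max_restarts) {
    int restarts = 0;
    for (;;) {
        pid_t pid = fork();
        if (pid < 0)
            return -1;
        if (pid == 0) {
            /* child: run the worker and hand its status back to the parent */
            _exit(worker(restarts) & 0xff);
        }
        int status;
        if (waitpid(pid, &status, 0) < 0)
            return -1;
        if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
            return restarts;            /* clean shutdown: nothing to do */
        if (restarts >= max_restarts)
            return -1;                  /* crash loop: stop respawning */
        restarts++;                     /* crashed or failed: respawn it */
    }
}

/* Constructed worker: dies on its first two runs, then runs cleanly. */
int flaky_worker(int attempt) {
    if (attempt < 2)
        abort();                        /* killed by SIGABRT, as a bad-input crash would be */
    return 0;
}

/*
 * Bound how long a per-connection handler blocks waiting on its client.
 * Returns bytes read, 0 on EOF, or -1 with errno EAGAIN/EWOULDBLOCK when the
 * peer stays silent past the deadline; the handler should then close the
 * connection and exit rather than hold the process for minutes.
 */
ssize_t recv_with_idle_timeout(int fd, void *buf, size_t len, int seconds) {
    struct timeval tv;
    tv.tv_sec = seconds;
    tv.tv_usec = 0;
    if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv) < 0)
        return -1;
    return recv(fd, buf, len, 0);
}

/* Constructed scenario: a client that connects and then never sends anything.
 * Returns 1 if the server side gave up at the deadline, 0 otherwise. */
int silent_client_is_cut_off(int seconds) {
    int sv[2];
    char buf[64];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    /* sv[1] plays the silent client; sv[0] is the server's end of the connection */
    ssize_t n = recv_with_idle_timeout(sv[0], buf, sizeof buf, seconds);
    int timed_out = (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK));
    close(sv[0]);
    close(sv[1]);
    return timed_out;
}

int main(void) {
    printf("restarts before a clean run: %d\n", supervise(flaky_worker, 5));
    printf("silent client cut off: %d\n", silent_client_is_cut_off(1));
    return 0;
}
```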

There's a temptation in the security community to label any crash a vulnerability, and there's a sense in which it is. Certainly, crashes aren't good and the kind of memory errors which cause crashes very often are symptoms of something more exploitable. However, as vulnerabilities go, a simple crash in a server process like this is typically not that serious.

Posted by ekr at 09:34 AM | Comments (3) | TrackBack

March 17, 2004

Great, child-impersonating chat programs

The New Scientist is reporting on this chat program designed to impersonate children and catch pedophiles. This whole catching Internet pedophiles thing has gotten very big. Just out of curiosity, does anyone have any data on just how many children actually get picked up on the Internet and molested? Is this a serious problem or just the same sort of paranoia that gave us the McMartin trials?
Posted by ekr at 08:41 PM | Comments (5) | TrackBack

Should we compensate the wrongly imprisoned?

There's a discussion going on at Crooked Timber about the British Government's proposal to charge the innocently imprisoned (and now freed) for room and board, apparently as a charge against whatever compensation is due them for being wrongly imprisoned. Most of the commenters seem to take it for granted that the government should pay some compensation and the only issue is whether charging them for room and board is fair.

The problem is that this form of compensation creates some really perverse incentives. While it's true that punishing the state for wrongly convicting people incentivizes the state not to pursue people whose guilt is in doubt, the same people involved in the original conviction also have a lot of control over whether people are subsequently declared innocent and released. If by doing so they incur a substantial penalty--even on behalf of the state--this creates an incentive for them to fight releasing such victims tooth and nail. So, while compensating people for being wrongly imprisoned might be good for the people who actually are cleared, it may be very bad news for people who are not released because the prosecutors fight harder against it.

Posted by ekr at 08:11 PM | Comments (4) | TrackBack

March 16, 2004

Bite me

Check out this article in the New Scientist about a study on the accuracy of bite-mark matching, which, like fingerprint matching, has received very little scientific study.
Unusually Clear
But critics are still far from convinced. The study says little if anything about real-life scenarios, they argue, because the skin marks the researchers used were much clearer than those in real-life cases. "Bite marks don't lend themselves well to a bench study," says Richard Souviron, a forensic odontologist at the Miami-Dade Medical Examiner's office.

Even with these unusually clear bite marks, some subjects in the study were falsely identified while others were falsely excluded.

Gould and Cardoza presented their research to the American Academy of Forensic Sciences conference in Dallas, Texas, in February. They made marks using casts of 10 different sets of teeth in either clay or human skin (Gould's arm).

They photographed the marks and gave them to 22 experts along with "overlays" of the casts - images of the pattern a set of teeth make when they bite onto a flat surface. Forensic odontologists generally place such images over a wound to decide whether the two match.

The experts in the study were asked to match the overlays with images of the clay or skin marks, using a sliding scale of certainty. Gould and Cardoza told the conference that the experts correctly matched 98 per cent of the clay marks and 84 per cent of those on skin. On the face of it, this is a good result, but the pair admit these figures exaggerate the success rate, because in some cases they included some only labelled as "possible" matches.

False Match
What's more, in some cases the experts excluded the correct cast, saying they were certain it could not have made the mark. And there were examples where they assigned the wrong cast to a mark, a false match which in a real case could have led to a miscarriage of justice. Gould and Cardoza would not tell New Scientist how many of these errors there were.

I'm not that worried about the sensitivity of the test. After all, a technique that only catches 84% of the suspects is still pretty useful. On the other hand, the false positive rate is pretty important and the fact that Gould and Cardoza won't disclose it is not encouraging, seeing as it's a standard measure of error rate.

There's a bigger issue here than just bite marks, though. If we're going to be using scientific evidence to prosecute criminals, we need to have confidence in the reliability of the testing procedures. And yet, it seems that we have no good data for the reliability of bite marks or fingerprints, and police persist in using line-up techniques which are known to have high false positive rates. This isn't good.

Posted by ekr at 01:27 PM | Comments (1) | TrackBack

March 15, 2004

Keep that ham sandwich away from me

On the first night of our weekend down on the coast, I came down with a particularly nasty case of food poisoning/stomach flu/extreme gastrointestinal distress and spent much of the evening bending over a toilet bowl expelling the previous day or so worth of food in the direction from which it had originally arrived.

Among those contents was one black forest ham sandwich, with provolone, on parmesan bread. I ate the aforementioned sandwich, purchased at a Togos in Santa Cruz, for lunch on my way down to Big Sur. Now, I'm not saying that said sandwich was responsible for my GI distress. I suppose it's possible, but I have no real opinion one way or the other. However, my body absolutely has an opinion and it blames Togos--or at least ham sandwiches. It's so sure, in fact, that last night I saw an Arby's commercial about how they slice their own deli meat and the sight of sliced ham--or whatever mystery meat it was--instantly filled me with nausea. In fact, just writing these words is making me feel rather sick.

This is actually a rather well known phenomenon in Classical Conditioning: animals develop food aversions in response to poisoning very readily. In fact, unlike other forms of conditioning, which generally take multiple trials to learn, food aversions can often develop in a single trial, even when the time period between the food and the experience of nausea is very long (hours in my case). The original discovery of this effect was by Garcia and Koelling in 1966. (See here for Kassin's description of the experiment.)

The most interesting feature of this kind of learning is how selective it is. Why didn't I develop an aversion to Big Sur, Togos, or road trips? Garcia's work shows that animals learn associations between sickness and food much more easily than sickness and other stimuli. The evolutionary advantages of this are obvious: if you've gotten sick, it's quite likely to be something you ate and that you can avoid in the future.

Of course, it's not always adaptive, since I rather like ham sandwiches and now I can't eat them. Or, as Kassin notes:

It is important to note that people acquire taste aversions, too--often with important practical implications. Consider, for example, an unfortunate side effect of chemotherapy treatments for cancer. These drugs tend to cause nausea and vomiting. As a result, patients often become conditioned to react with disgust and a loss of appetite to foods they had eaten hours before the treatment (Bovbjerg et al., 1992). Thankfully, the principles of classical conditioning offer a solution to this problem. When cancer patients are fed a distinctive maple-flavored ice cream before each treatment, they acquire a taste aversion to that ice cream--which becomes a "scapegoat" and protects the other foods in the patient's diet (Bernstein & Borson, 1986). Still, many cancer patients who had undergone chemotherapy and survived report that they continue to feel nauseous, and sometimes vomit, in response to the sights, smells, and tastes that remind them of treatment--as much as twenty years later (Cameron et al., 2001).

It turns out to be quite hard to extinguish this kind of food aversion too. Still, twenty years! Seeing as I only vomited for a day or so, hopefully I'll be able to eat ham within a couple of years.

Posted by ekr at 08:40 AM | Comments (36) | TrackBack

March 14, 2004

iPod and iTrip annoyances

Over the weekend, Lisa and I borrowed Terence's iTrip for our trip to Big Sur. Some notes:
  • In California it's pretty hard to find a really blank radio station for the iTrip to broadcast on. You have to change stations pretty frequently, which leads to...
  • The iTrip tuning mechanism looks cool: each potential radio station has a tune associated with it, which you play to tell the iTrip to broadcast on that station. Unfortunately, whenever you want to change stations you need to stop whatever you're playing, which isn't exactly convenient.
  • The iPod UI isn't designed to let you play one song at a time. You have to wait till the station has changed and press pause in the middle of the "song". [*]. Not very convenient.

Actually, the entire iPod UI isn't that obvious. Over the weekend I discovered that Lisa had never figured out the iPod's volume controls and had had to ask someone how to turn it off (hold the play button). Clearly, the iPod is a fantastic piece of technology--small, nice DAC, good management UI--but I think the Apple designers may have gone a bit overboard on the UI simplicity thing.

Posted by ekr at 09:40 PM | Comments (12) | TrackBack

Hotels and your laundry

If you stay in hotels much you've no doubt noticed the now-universal signs exhorting you to save the environment by reusing your towels (e.g. [*]). Whenever I see this sort of sign, I wonder how much water is actually being saved. Let's say that your typical hotel guest uses three towels while he's there, one bath towel, one hand towel, and one washcloth. Based on my home washing machine, you can probably accommodate about 4 such guests in a single load. Let's assume that the hotel has switched to front-loaders (and if they haven't, there's an enormous unrealized environmental savings), which consume about 20-25 gallons/load [*], for an average of 6 gallons per guest.

Here are some points for comparison:

  • The average Bay Area residential user uses 95 gallons per day.
  • I pay .5c/gallon of water, so an extra $.03/day would cover the entire cost of my water.
  • The average low flow shower head consumes 2-2.5 gallons per minute.

Ask yourself whether you'd be willing to pay an extra quarter a day to have clean towels in your hotel. Heck, I pay that to have the USA Today (which I basically never read) delivered to my room, just because I'm too lazy to remember to tell them not to drop it off. I'm not saying that reuse of towels in hotels is a bad thing. Sure, there's some environmental benefit. But as far as I can tell it's pretty modest on the grand scale of things. I find it a bit puzzling that it's become so universal.

Posted by ekr at 06:13 PM | Comments (67) | TrackBack

March 12, 2004

Gone fishing

I'll be down in Big Sur and Monterey for the weekend. I'll be staying in the Big Sur Lodge tonight and seeing as they don't have TVs there (let alone Internet connections) I wouldn't expect to see any blogging for a while.
Posted by ekr at 10:48 AM | Comments (2) | TrackBack

March 11, 2004

Contour Crafting

Check out this page about automatic building construction using "Contour Crafting". They even have a video showing the process. I've seen this general idea used on a small scale but the idea of using it to make real-world buildings is incredibly cool. I want one of these houses. (Originally seen on /.)
Posted by ekr at 08:17 PM | Comments (2) | TrackBack

March 10, 2004

Calories Burned==Suffering?

I'm up in Redmond to give a talk at Microsoft and I caught this Nautilus commercial on TV pitching their new machine the TreadClimber. The claimed proposition for the TreadClimber is that it lets you burn more calories than other machines [*], as shown in the chart below:

Here's a quote from their marketing literature:

The TreadClimber® fitness machine is more effective than any other exercise when it comes to burning calories. Even a 20-minute walk on TreadClimber effectively burns more calories than other workouts or machines. With TreadClimber, you work out smarter, not harder ... getting faster results with less effort.

TreadClimber Burns 157% More Calories Than Treadmills! In a recent university test, research showed that it takes twice as long to burn the same amount of calories on a treadmill than on a TreadClimber - at identical speeds.

Why? Because TreadClimber's ultra-effective dual-movement works more of your large muscle groups at once to really fuel calorie burning.

This kind of misses the point. It's silly to compare equivalent speeds on the TreadClimber and treadmill as if that was somehow comparable. If you want to burn more calories on a treadmill, just increase the incline. What's important here isn't how fast you're going but how much suffering you have to endure for each calorie you burn. I don't see any reason to believe that the TreadClimber is any better on that front. In my experience once you get used to an exercise the amount of suffering per calorie burned is fairly constant. And of course, how distasteful any given exercise is probably varies from person to person. That factor is likely to be much more relevant than how fast you're walking.

Posted by ekr at 07:59 PM | Comments (21) | TrackBack

Dealing with zombies

Comcast is cutting off service to customers who are (probably unwittingly) serving as spam zombies. That ought to provide people a bit of incentive to keep their machines secure--or at least to clean off any zombie code. [*]. This should be interesting.
Posted by ekr at 07:40 PM | Comments (9) | TrackBack

March 09, 2004

Phishing and SSL

Paul Hoffman pointed me to this article about the interaction of SSL and phishing. Phishing is a form of social engineering attack where the attacker convinces the victim that he's looking at one web site (typically that of a vendor) when he's actually looking at the attacker's web site.

The background here is kind of interesting. Web sites have addresses like "" which means "go to machine '' and ask for the file 'index.html'". The "" part is called a "domain name" or a "host name". However, TCP/IP doesn't work in terms of names but rather IP addresses, which are simple numbers. The Domain Name System is used to map names to IP addresses in a process called "name resolution" (see more here for how this works). Once you have the IP address you can actually send data to the web server.

Now, if I ask you to go to the "the RTFM web site", there is a 3-stage process required for you to get there:

  1. Map from "the RTFM web site" to the domain name ""
  2. Map from the domain name "" to the IP address ""
  3. Actually connect to ""

It's possible to attack the system at any of these stages. You attack stage 1 by interfering with the manual process of going from the text description to the domain name. You attack stage 2 by forging DNS information (the process is called DNS spoofing). You attack stage 3 by intercepting the connection to the web server and substituting your own data. These are both modestly sophisticated technical attacks but it's well known how to mount both of them and tools such as dsniff are readily available.

What SSL Does
Classic network security has focused on securing stages 2 and 3 and that's what SSL does. The way that SSL works is that a server is issued a credential (called a certificate) that demonstrates that it has the right to a certain domain name. Then, when the client connects to the server, the server can cryptographically prove that it's entitled to the certificate (and hence the domain name). Because this operation is cryptographically secure, if the attacker somehow convinces you to talk to them (whether by DNS spoofing or connection interception), they won't be able to complete the correct cryptographic handshake and therefore you'll know that you're dealing with an attacker instead of the real site.

This process actually works pretty well. The primary weak link is that bit about the "issued a credential". In order for that to work, there needs to be some authority who can be trusted. On the Internet, that authority is (to a first order) VeriSign. VeriSign's key (along with between 30 and 100 others) is built into the popular web clients (IE, Firefox, whatever...) and so they are able to verify credentials issued by VeriSign.

There are two problems here. The first is the other 29 (or 99) CAs. Now, no doubt they were once owned by people you would consider trusting, but in the .com crash a number of those companies went out of business and it's not entirely clear who owns their keys. As far as I know, there haven't been any cases of these CAs issuing bogus certificates, but it's a persistent concern in the security community.

The second problem is the browser's (and user's) response to certificate problems. What happens if you connect to a server and it issues a certificate from a CA you've never heard of? Or perhaps the name doesn't actually match the domain name you're trying to talk to. In the classic SSL formulation, your client would throw an error and refuse to connect. Unfortunately, there turn out to be a lot of more-or-less legitimate ways that this can happen and the browser manufacturers were eventually forced to settle for something like the following rather lame dialog box (taken from Firebird).

Now, for maximum safety you should click "no" here, but it's widely believed in the security community that people will click "yes". (Note: this is believed without data. Anyone interested in actually studying this should contact me, especially if you come with your own funding.)

The bottom line, then, is that even against the attacks that SSL is intended to prevent, the security it provides is modest unless users are incredibly careful, which most people aren't. However, you can also attack SSL by going outside its threat model, which is what a phishing attack does.

The general idea of a phishing attack is to attack the binding between a site's real world name (RTFM, Inc.) and its web address ( Say, for instance, I send you a letter, ostensibly from RTFM, Inc. telling you to go to "". When you connect there, the server has a perfectly valid certificate for "" and you do whatever business you have secure in the knowledge you've talked to the right person. The only problem is that is owned by someone entirely different and so you're doing business with the wrong person. This is the basic phishing attack. As you can see, it totally bypasses any SSL protection.

It's also very difficult to stop technically. Since the binding between the real world name and the domain name is not known to any piece of software, it's very hard to detect when that binding is incorrect. The standard advice is to not go to secure web pages that you get in e-mail. Indeed, common targets of phishing attacks have started announcing that they will never solicit your personal information (such as passwords) in e-mail. Other than that, about all you can do is very carefully check the certificate to see if the organization name looks correct.
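To make concrete what the browser's certificate check does and does not compare, here is an added example (not code from the original post). It implements the hostname-matching rules browsers apply to a certificate's dNSName entries and then shows that a valid certificate for a lookalike domain passes that check while the organization name, which only a user inspecting the certificate would see, differs. The certificates are constructed dictionaries in the layout Python's `ssl.getpeercert()` uses, and the domain names are placeholders, not the sites the post refers to.

```python
"""Added example: what certificate validation does and does not check.

The matcher follows the rules browsers use for dNSName matching: the name the
user typed must equal a dNSName in the certificate's subjectAltName
(case-insensitively), and a single '*' is honoured only as the whole
left-most label.  Nothing here compares the certificate to a real-world
organization name; that is exactly the gap a phishing attack walks through.

All certificates and domain names below are constructed placeholders.
"""
from __future__ import annotations

from typing import Any


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate dNSName pattern covers hostname."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if len(p_labels) != len(h_labels):
        return False                 # a wildcard never spans more than one label
    if "*" in p_labels[1:]:
        return False                 # wildcards are only allowed in the first label
    if p_labels[0] == "*" and len(p_labels) < 3:
        return False                 # refuse '*.com': the wildcard must sit under a domain
    # A wildcard must be the entire left-most label ('*.x', never 'f*.x').
    return all(p == "*" or p == h for p, h in zip(p_labels, h_labels))


def hostname_is_valid_for(cert: dict[str, Any], hostname: str) -> bool:
    """Mimic the browser's check: does the certificate name the host we typed?

    `cert` uses the layout ssl.getpeercert() returns: 'subjectAltName' is a
    tuple of (type, value) pairs and 'subject' is a tuple of RDNs.
    """
    san = cert.get("subjectAltName", ())
    dns_names = [value for kind, value in san if kind == "DNS"]
    return any(dns_name_matches(name, hostname) for name in dns_names)


def organization_name(cert: dict[str, Any]) -> str | None:
    """Pull the O= attribute out of the subject: the field a user would have
    to read by hand to notice the phishing case."""
    for rdn in cert.get("subject", ()):
        for attr, value in rdn:
            if attr == "organizationName":
                return value
    return None


# Constructed certificates in ssl.getpeercert() dict form (not real certs).
LEGIT_CERT = {
    "subject": ((("organizationName", "RTFM, Inc."),),
                (("commonName", "www.example.com"),)),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "example.com")),
}
PHISH_CERT = {
    # A perfectly valid certificate for a lookalike domain someone else owns.
    "subject": ((("organizationName", "Some Other Company Ltd."),),
                (("commonName", "secure-example-login.test"),)),
    "subjectAltName": (("DNS", "secure-example-login.test"),),
}


def classify(cert: dict[str, Any], typed_hostname: str, expected_org: str) -> str:
    """What the browser concludes versus what a careful user would conclude."""
    if not hostname_is_valid_for(cert, typed_hostname):
        return "browser warns: name mismatch"
    if organization_name(cert) != expected_org:
        return "browser shows lock; organization differs"
    return "browser shows lock; organization matches"


if __name__ == "__main__":
    print(classify(LEGIT_CERT, "www.example.com", "RTFM, Inc."))
    print(classify(PHISH_CERT, "secure-example-login.test", "RTFM, Inc."))
    print(classify(PHISH_CERT, "www.example.com", "RTFM, Inc."))
```

The second call is the phishing case: the lookalike certificate is valid for the name the user was sent to, so no dialog appears and the lock is shown; only `organization_name()` reveals the mismatch, and no browser of the period compared that field to anything.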

The Article
This article makes a number of interesting points:

This trend bears watching, as the presence of an SSL certificate was initially touted by consumer protection groups as a way to differentiate between scams and legitimate sites. The U.S. Federal Trade Commission, for example, offered this advice to consumers concerned about phishing: "Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission."

But security professionals are focused on the limitations of SSL in the wake of a recent scam targeting Earthlink users (mentioned near the bottom of this story) which employed an SSL certificate so the bogus page displayed the lock icon. In this case, the certificate appeared legit because it matched the URL of the fake page mimicking the Earthlink web site, but had no connection to Earthlink. Visitors would only detect the deception if they reviewed the certificate.

This is absolutely correct. It's the basic phishing attack I just mentioned. There's also an interesting discussion of "visual spoofing".

A technique called visual spoofing offers another method to present a "lock" to visitors on a Scam phishing site. The technique alters the user interface of the web browser, substituting images for parts of the browser interface that would normally help users detect the fraud. Javascript links launch a new browser window without scrollbars, menubars, toolbars and the status bar - which allows the scam artists to substitute a fake status bar containing the URL for a legitimate site, along with an image of a "lock" indicating a secure SSL site.

That said, the article in question isn't entirely correct. The author writes:

Scammers can also configure their web server so that deceptive SSL certificates won't trigger an alert in the user's browser. "One of the SSL encoding methods is 'plain text'," Neal Krawetz from Secure Science Corporation noted in the SANS post on the issue. "Most SSL servers have this disabled by default, but most browsers support it. When plain text is used, no central certificate authority is consulted and the user never sees a message asking if a certificate should be accepted (because 'plain text' doesn't use certificates). Keeping that in mind, the little lock icon may not even indicate an encrypted channel. The little lock only indicates an SSL connection."

This isn't really accurate. It's true that SSL has a "plaintext mode", but that doesn't mean that the certificate isn't checked, only that the channel isn't encrypted. It's still authenticated. If this were not true, it would be a major security hole in SSL since it would let any active attacker intercept your connection. In addition, the claim that browsers "support" this mode is misleading. The way that SSL negotiation works is that the client offers a bunch of ciphers and the server chooses. As far as I can tell none of the popular browsers offer the plaintext mode, so there's no way to negotiate it.
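The negotiation point is easy to demonstrate. The following is an added example, not code from the post or from any browser: a simplified model of cipher suite selection (client offers a list, server picks from it) in which a server that prefers the NULL-encryption suites still cannot obtain one from a client that never offers them, followed by a check of what Python's own default client context actually puts in its offer. The suite lists are constructed for the example and use OpenSSL's names; the server configuration is hypothetical.

```python
"""Added example: why a server cannot force the 'plaintext' (NULL-encryption)
mode on a client that never offers it, plus a check of what Python's default
client context offers.

The negotiation model is a simplification of the TLS handshake: the client
sends the cipher suites it accepts, the server picks one it also supports,
and a suite missing from the client's list is simply unavailable.  The lists
are constructed for this example, not captured from a real handshake.
"""
import ssl
from typing import Iterable, Optional

# Constructed client offer: the kind of list a browser sends.  No NULL suites.
BROWSER_OFFER = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "AES128-SHA",
]

# Hypothetical server configuration where an operator has enabled the
# unencrypted-but-authenticated suites and put them first in preference order.
SERVER_PREFERENCE_WITH_NULL = [
    "NULL-SHA256",
    "NULL-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "AES128-SHA",
]


def is_null_cipher(name: str) -> bool:
    """OpenSSL spells the no-encryption suites with a NULL token."""
    return "NULL" in name.upper().split("-")


def negotiate(client_offer: Iterable[str], server_preference: Iterable[str]) -> Optional[str]:
    """Server-preference selection: the first server suite the client also offered.

    Returns None when there is no common suite (the handshake would fail).
    The server never gets to pick something the client did not offer.
    """
    offered = set(client_offer)
    for suite in server_preference:
        if suite in offered:
            return suite
    return None


def offers_null_cipher(ctx: ssl.SSLContext) -> bool:
    """Does this client context put any NULL-encryption suite in its offer?

    ctx.get_ciphers() lists the suites the context would send in ClientHello.
    """
    return any(is_null_cipher(c["name"]) for c in ctx.get_ciphers())


def default_client_offers_null() -> bool:
    """Check the real thing: Python's default client-side context."""
    return offers_null_cipher(ssl.create_default_context())


if __name__ == "__main__":
    chosen = negotiate(BROWSER_OFFER, SERVER_PREFERENCE_WITH_NULL)
    print("server preferred NULL first; negotiation produced:", chosen)
    print("default client context offers a NULL suite:", default_client_offers_null())
```

Even though the hypothetical server lists the NULL suites first, `negotiate()` returns an encrypting suite because that is the best the client offered; and `default_client_offers_null()` reports that the stock client context, like the browsers of the time, does not offer one at all. A NULL suite still authenticates the server, so even a client that did offer it would still perform the certificate check.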

This isn't to say that phishing isn't a problem. It is one and is quickly becoming worse. However, if we're to deal with it, it's critical to understand what it is that our current tools can and can't achieve.

UPDATE: That screen shot was taken from Firebird, not IE. Thanks to Jeff Epler for pointing this out. I originally meant to have an IE screenshot but this was easier.

Posted by ekr at 09:21 AM | Comments (14) | TrackBack

March 08, 2004

Nuclear proliferation

Henry over at brings up Vernor Vinge's "the Ungoverned" and asks the old "would you want your neighbor owning a nuclear weapon"?

I don't think I'm really happy about my neighbors owning nukes, but in the same way I can see how random third world countries might find America's nuclear deterrent a little off-putting. Ken MacLeod's The Sky Road has an interesting suggestion along these lines. After the breakup of the Soviet Union, Kazakhstan finds itself holding a supply of Soviet nuclear missiles. Instead of demilitarizing, it sets itself up in the Nuclear Insurance business, selling (defensive only!) policies against nuclear first strikes.

I know this sounds crazy, but if you think about it, it has certain advantages over the current situation in which dictators feel they need their own independent nuclear deterrent, since, e.g., North Korea's nukes can be used offensively as well as defensively. A situation in which nukes are just taken out of the equation is massively to the US's advantage, since American conventional forces can easily do enormous damage without resorting to nukes. On the other hand, I'm not sure what country I'd trust to provide such an independent deterrent...

Posted by ekr at 08:39 AM | Comments (53) | TrackBack

Information leakage

Here's a fine example of deploying a security measure without considering what the attacker will do.
Ultraviolet lights to prevent addicts injecting drugs in railway station toilets have been removed - after junkies started using UV pens to highlight their veins. First Great Western, which runs Bristol Temple Meads and Parkway stations, installed the special lights two years ago in a bid to deter heroin users from using the toilets.

The lights, which stop people from being able to pick out their veins, were brought in after two drug addicts died of overdoses at stations owned by First Great Western, although neither incident happened in Bristol.

But this week First Great Western admitted the lights had only worked for a short period.

First Great Western managing director Alison Forster said station managers scrapped them after drug addicts discovered a way around the deterrent.

Using an ultraviolet marker pen, junkies were drawing their veins on before going into the station.

When they entered the toilets, their veins would show up in the UV light - possibly better than they would have done in normal lighting.

Ms Forster said: "They were just drawing their veins on their arms."

UV pen ink is invisible under normal light but under ultraviolet light it glows.

Remember, folks, your opponent will change his behavior to oppose you. That's why he's called your opponent.

Posted by ekr at 08:15 AM | Comments (2) | TrackBack

March 07, 2004

Gee, you think there's information in that SIM card?

The news that Al Qaeda operatives were tracked via the SIM cards in their GSM phones has gotten a lot of play. [*]. It's not exactly surprising to anyone who understands how mobile telephones work. In the GSM system, the identity of a phone doesn't reside in the handset itself but rather in a little smart card called a SIM (subscriber identity module) that lives in the phone.

The nice thing about this design is that you can move from handset to handset just by swapping the SIM card. In addition, you can often buy prepaid SIM cards that you just shove in your phone. Apparently the Al Qaeda operatives had bought some prepaid SIM cards anonymously--which is easy--and were using them to make calls. They'd swap them from phone to phone but they kept using the same SIM cards, making them very easy to track.

This story illustrates two important security points. First, if you want to have privacy, you need to know what sort of information you're transmitting. In this case, the Al Qaeda operatives obviously didn't realize--though they should have--that it was the SIM that was the brains of the operation. Second, anonymity and linkability aren't the same thing. In this case, the SIM cards were anonymous--because they were bought without presenting ID they couldn't be tied back to any particular person. However, you could tell when two calls were made by the same SIM card--and therefore likely the same user. And if you somehow independently determine who made a given call ("Hello, this is Osama bin Laden") then you can track that person from then on. In general, designing unlinkable cryptographic protocols is a very difficult proposition and most protocols aren't designed that way.
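The distinction between anonymity and linkability can be put in code. Here is an added example (not from the post) over a handful of constructed call records: under a design with a persistent identifier, every record sharing it is linkable to every other even though none names a person, so a single out-of-band identification attributes the whole group; under a design with a fresh pseudonym per call, the same identification reaches only that one call. The record layout, identifiers and numbers are all constructed; the functions are a privacy reviewer's way of measuring how much one identification propagates.

```python
"""Added example: anonymity versus linkability.

Constructed call records (no real data).  Each record carries the identifier
the network sees.  A persistent identifier (one SIM reused across handsets)
makes every call linkable to every other call with that identifier, so one
out-of-band identification exposes them all.  A fresh pseudonym per call
limits the same identification to that single call.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class CallRecord:
    identifier: str   # what the network logs: a stable SIM id, or a per-call pseudonym
    handset: str      # constructed handset label, to show that SIM swapping does not help
    minute: int       # constructed timestamp
    destination: str  # constructed number


# Constructed records: one SIM moved between two handsets.  The handset is
# irrelevant to linkability here because the SIM identifier persists.
PERSISTENT_ID_RECORDS = [
    CallRecord("sim-A", "handset-1", 10, "+00-000-0001"),
    CallRecord("sim-A", "handset-2", 45, "+00-000-0002"),
    CallRecord("sim-A", "handset-1", 80, "+00-000-0003"),
    CallRecord("sim-B", "handset-2", 20, "+00-000-0004"),
]

# The same calls under a design where each call carries a fresh pseudonym.
PER_CALL_PSEUDONYM_RECORDS = [
    CallRecord("p-7f1", "handset-1", 10, "+00-000-0001"),
    CallRecord("p-3c9", "handset-2", 45, "+00-000-0002"),
    CallRecord("p-b02", "handset-1", 80, "+00-000-0003"),
    CallRecord("p-e44", "handset-2", 20, "+00-000-0004"),
]


def linkable_sets(records):
    """Group records by the identifier the network sees.

    Every record in a group is linkable to every other one, even though none
    of them is tied to a real person: linkability without identity.
    """
    groups = defaultdict(list)
    for r in records:
        groups[r.identifier].append(r)
    return dict(groups)


def exposure_after_identification(records, identified_index):
    """How many records become attributable once one of them is identified
    out of band (the "Hello, this is ..." moment in the post).

    Returns the number of records sharing the identified record's identifier.
    """
    target = records[identified_index]
    return sum(1 for r in records if r.identifier == target.identifier)


def largest_linkable_set(records):
    """A simple unlinkability metric: the biggest group any identifier forms.
    A design is unlinkable at the call level when this is 1."""
    return max(len(g) for g in linkable_sets(records).values())


if __name__ == "__main__":
    print("persistent SIM id, exposure after identifying call 0:",
          exposure_after_identification(PERSISTENT_ID_RECORDS, 0))
    print("per-call pseudonyms, exposure after identifying call 0:",
          exposure_after_identification(PER_CALL_PSEUDONYM_RECORDS, 0))
```

The point of `largest_linkable_set()` is that unlinkability is a property of the identifiers a protocol emits, not of whether they were obtained anonymously: the anonymous SIM scores 3, the per-call pseudonym scores 1.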

Posted by ekr at 03:29 PM | Comments (80) | TrackBack

Athletes and CEOs aren't the same thing...

Matthew Yglesias points to Nicholas Kristof's Op-Ed complaining about how high CEO pay is. Now, CEO pay is quite possibly too high, and if it is, it's no doubt a result of cronyism and boards which ignore their fiduciary responsibility. However, Kristof's argument is oddly inconsistent.
Mr. Eisner has been at the center of this breakdown in capitalism ever since 1993, when Disney earnings (after an accounting change) fell 63 percent -- and he earned $203 million, then the highest pay in history for any executive of a public company. Athletes and movie stars are paid ridiculous sums as well, of course, but at least they earn them in arm's-length negotiations.


If chief executives increase shareholder value by $10 billion, what's wrong with giving them a tiny percentage of that as a reward? Nothing -- if they agree to hand over the same percentage as a penalty when they lose $10 billion for shareholders. Something is wrong when Jeffrey Skilling of Enron gets $100 million in the run-up to his company's disintegration.

These pay packages are negotiated, reflecting what a good C.E.O. brings on the free market. How's that? There is a huge supply of would-be C.E.O.'s and negligible demand from companies for new ones, so their price should be cheap -- if boards would use their leverage. When Jack Welch retired, General Electric held a contest among three underlings to succeed him. Each was desperate to get the job. If G.E. had done its usual tough bargaining, it could have signed Jeffrey Immelt on a 15-year contract for a mere $750,000 a year in salary, plus reasonable incentives for long-term success.

Wait a second. Is Kristof's problem that the CEOs are being paid more than is efficient or that their pay is somehow unfair regardless of whether it's efficient? The main thrust of the argument is the former, but the invocation of athletes and movie stars suggests the latter. As far as I know there is a free market for athletes (and probably movie stars). It's not as if the boards of sports teams are packed with athletes voting themselves high salaries. Does Kristof have any data to suggest otherwise or is he just offended that they're making so much money?

Posted by ekr at 02:47 PM | Comments (27) | TrackBack

March 06, 2004

Toxic drugs: a modest proposal for reducing drug use

A pretty standard argument for reducing alcohol consumption is to increase taxes (see, for instance [*]). By analogy, it's often argued that legalizing and taxing drugs would be a good idea as well. Perhaps, but it's not going to happen any time soon. On the other hand, people aren't going to stop taking drugs any time soon either.

One response to this set of facts is to try to do what we can to make drug taking less dangerous. This is called harm reduction. Critics of this approach point out that harm reduction makes drugs more attractive, thus potentially increasing drug consumption rates. On the other hand, if we take this argument seriously, there's an obvious policy: make drug taking more dangerous. [0] There's a simple way to do that, too: buy up a fair amount of some drug. Then poison it and get it back on the streets, being sure to announce that you've done so. If you can get to the point where taking drugs means a modest probability of immediate death (a couple percent is probably enough) you would expect rational drug-users (not necessarily an oxymoron) to radically reduce their consumption. Of course, some people will surely die from poisoned drugs, but since the argument for banning drugs in the first place is that they're Really Bad [1], it's quite plausible that the net benefit would be positive.

[0] Readers familiar with economics will recognize this as a variant of the old "spike on the steering wheel" idea [*].

[1] I don't hold with this, but we're assuming it here for the sake of argument.

Posted by ekr at 05:11 PM | Comments (3) | TrackBack

March 05, 2004

Packaging for drug compliance

At lunch, Kevin and I were discussing the role of patient compliance in antibiotic resistance. It's widely believed that lack of compliance is a major cause of resistance. People often just forget to take their meds on time. (This is even more of a problem with anti-HIV drugs, which have to be taken frequently and on complicated schedules.) Another common source of noncompliance is patients who feel better and so think they can stop taking the antibiotics. Both types of patients might be more likely to take their meds if they were paid to.

It occurred to us that packaging would be a good way to attack this problem. The drugs would be delivered in a smart package which would record when it was opened and pills were dispensed. Then, when you were finished with the prescription you could return the packaging as proof that you had taken your doses at the right time and get some kind of financial reward. (Alternately, the pharmacy could require you to pay a deposit that you got back.) This would give patients a substantial incentive to comply.

One problem with this approach is that it assumes that lack of compliance is mostly a matter of laziness/forgetfulness rather than deliberate choice. Obviously, it would be easy to cheat the system by taking out the drugs and throwing them away. I suppose that might make sense if you were reselling them or something, but as far as I know there's not a big black market in antibiotic or anti-HIV medication. Now, anti-HIV drugs often make patients feel pretty lousy, so they might have an incentive to cheat, but I suspect that even there this kind of packaging would have a positive impact on compliance.

Posted by ekr at 03:02 PM | Comments (2) | TrackBack

You'll just have to live with that ear infection

AP is reporting that the American Academy of Pediatrics and the American Academy of Family Practice are considering recommending that doctors not prescribe antibiotics for most ear infections. (thanks to Jennifer Gates for the pointer).

There seem to be two things going on here. First, it's not clear exactly how effective antibiotics are for ear infections. This review article (I can only get at the abstract) looks to be on point:

Antibiotic therapy remains the treatment of choice for otitis media in most countries despite persuasive evidence that antibiotic therapy provides limited clinical benefit and promotes bacterial resistance. Meta-analysis of randomized, placebo-controlled trials demonstrated that antibiotics increased resolution at 1 week by only 13%. Amoxicillin remains as effective as any other antibiotic, despite increasing resistance to amoxicillin among the major bacterial pathogens. Immediate antibiotic treatment has been shown to reduce the duration of symptoms by 1 day but not until after the first 24 hours when symptoms were already improving. A delayed prescribing strategy is currently utilized in most children for management of acute otitis media in the Netherlands; this method is now being evaluated elsewhere. Antibiotic therapy is delayed for 48-72 hours after diagnosis; thereafter, antibiotics are initiated only if symptoms persist or worsen. In 2 studies utilizing this strategy (England and the United States), only 24-30% of the patients in the delayed treatment group initiated antibiotic therapy; a majority of parents of children in the delayed group were satisfied with their child's treatment. Treatment of bacterial otitis media ("pus drum") with high dose amoxicillin (80-100 mg/kg/kd) is recommended; for acute otitis media without bulging, watchful waiting with a delayed prescribing strategy and treatment of pain is preferred. Yearly administration of the influenza vaccine and/or treatment of influenza with an antiviral (oseltamivir) can significantly decrease the incidence of acute otitis media during influenza season. Although pneumococcal vaccination effectively reduces the incidence of acute otitis media due to vaccine-related serotypes, there is a significant increase in the number of episodes of acute otitis media due to other serotypes of S. pneumoniae such that the overall incidence of acute otitis media is reduced only minimally by pneumococcal vaccine. The careful use of strict diagnostic criteria coupled with judicious use of antibiotic therapy will direct antibiotic treatment to only those patients likely to benefit.

Second, doctors are clearly worried that routine use of antibiotics for minor ear infections promotes antibiotic resistance, which is a serious problem. However, it should be noted that this creates an interesting question. Say that antibiotics do help but only a little bit. Not giving them to children definitely hurts the children (and potentially the parents). Now, it may be the case that the benefit of reducing resistance to antibiotics outweighs that cost, but it's not clear to me that the AAP or the AAFP are in a particularly good position to make that assessment.

Making physicians the gatekeeper is also problematic, since it essentially puts them into direct opposition to their patients, who of course want the drug. I wouldn't want to be the doctor who had to tell a parent that their kid will just have to live with that ear infection.

Posted by ekr at 10:53 AM | Comments (45) | TrackBack

March 04, 2004

Your virus's mother wears combat boots

From this morning's WaPo [*]:
In the space of about three hours early Wednesday morning, five new variants of widespread bugs MyDoom, Bagle and Netsky were spotted roaming the Web. And, in a new twist, the unknown virus writers have gotten into what amounts to a shouting match, by placing insults and threats against each other in the coding of the latest versions of their wares.

It's not entirely clear what the hackers are fighting about. In one case, a virus writer seemed to be upset that another had lifted the hacker's approach for spreading the code to other computers.

"MyDoom.f is a thief of our idea!" read one line in the latest version of the Netsky worm, referring to the "f" variant of a rival piece of software.

Outstanding. I think this provides a pretty definitive answer to the question "what kind of people write viruses?".

Posted by ekr at 03:17 PM | Comments (35) | TrackBack

March 03, 2004

Fun with developmental biology

From Chapter 3 of Why is sex fun?
For example, one type of pseudohermaphrodite looks like a normal woman. Indeed, "she" conforms to the male ideal of female pulchritude even more closely than does the average real woman because "her" breasts are well developed and "her" legs are long and graceful. Hence cases have turned up repeatedly of beautiful women fashion models not realizing that they are actually men with a single mutant gene until genetically tested as adults.

Since this type of pseudohermaphrodite looks like a normal girl baby at birth and undergoes externally normal development and puberty, the problem isn't even likely to be recognized until the adolescent "girl" consults a doctor over failure to begin menstruating. At that point, the doctor discovers a simple reason for that failure: the patient has no uterus, fallopian tubes, or upper vagina. Instead, the vagina ends blindly after two inches. Further examination reveals testes that secrete normal testosterone, are programmed by a normal Y chromosome, and are abnormal only for being buried in the groin or labia. In other words, the beautiful model is an otherwise normal male who happens to have a genetically determined biochemical block in his ability to respond to testosterone.

That block turns out to be in the cell receptor that would normally bind testosterone and dihydrotestosterone, thereby enabling those androgens to trigger the further development steps of the normal male. Since the Y chromosome is normal, the testes themselves form normally and produce normal Mullerian inhibiting hormone, which acts as in any man to forestall development of the uterus and fallopian tubes. However, development of the usual male machinery to respond to testosterone is interrupted. Hence development of the remaining bipotential embryonic sex organs follows the female channel by default: female rather than male external genitalia, and atrophy of the Wolffian ducts and hence of potential male internal genitalia. In fact, since the testes and adrenal glands secrete small amounts of estrogen that would normally be overridden by androgen receptors, the complete lack of these receptors in functional form (they are present in small numbers in normal women) makes the male pseudohermaphrodite appear externally superfeminine.

Obviously I've read too much science fiction since after reading this I immediately envisioned dystopian scenarios of some mad scientist taking over the world with a cloned army of pseudohermaphroditic ninja fashion models.

Posted by ekr at 03:37 PM | Comments (5) | TrackBack

March 02, 2004

Robot Insurance

Another oldie... Would you buy Robot Insurance from Sam Waterston? If not, what will you do when the metal men attack? Just remember, persons denying the existence of robots may be robots themselves.
Posted by ekr at 03:19 PM | Comments (5) | TrackBack

One way to beat the market

This has been reported in a number of places, but it bears mentioning again. The NYT is reporting on research results that indicate that senators' stock portfolios have beaten the market by about 12% over the past 5 years.
The Ziobrowski study notes that the politicians' timing of transactions is uncanny. Most stocks bought by senators had shown little movement before the purchase. But after the stock was bought, it outperformed the market by 28.6 per cent on average in the following calendar year.

Returns on sell transactions are equally intriguing. Stocks sold by senators performed in line with the market the year following the sale.

Kind of speaks for itself doesn't it?

But catch this paragraph:

The study took eight years to complete because there was no database of information and the documents had to be gathered and examined manually. Stocks held in blind trusts are not included in the disclosure documents.

8 years?!?! That's dedication.

UPDATE: fixed the second quoted paragraph. Thanks to the anonymous commenter who pointed out this error.

Posted by ekr at 02:57 PM | Comments (58) | TrackBack

March 01, 2004

Last name first? Last name last?

Over at Crooked Timber, Eszter Hargittai writes:
In the comments section of Chris' recent post about a date, people have started debating whether it makes more sense to list the year, month or day first in a date. This discussion made me think about how different languages/cultures present names. In Hungary, "last" name comes first. To me this always made logical sense. After all, even in cultures where given name comes first (a practice that seems to be prevalent in most places I know) the order of the names gets reversed on certain lists to put the family name up front. This makes more sense, for example, when alphabetizing people in a group (e.g. in a classroom). So why does given name come before family name otherwise? Other than Hungary, I have heard in Japan family name is listed first, can anyone confirm that? Are there any other examples of such ordering of names?

Computer programmers will recognize both of these questions as variants of the great big-endian/little-endian debate: should the most significant portion of the data come first or last? When we write a number such as 972, the first digit written has the largest scope (in this case, the hundreds place). That is big-endian notation. In little-endian notation the order is reversed: each successive byte (or bit, or digit) is more significant than the one before it. Obviously, it's critical for communications that both sides agree on which order is being used, so we need a standard. Cleverly, on the Internet we have two: IP addresses are written big-endian (the dotted quad starts with the most significant octet, and network byte order on the wire is big-endian as well), but domain names are written little-endian (the most specific label first, the top-level domain last).

That's nothing, though, compared to the URL, which is a real work of art, combining both orderings in one convenient package. Consider the URL "". Overall, the URL is big-endian, with three major pieces.

  • The scheme: http://
  • The domain name:
  • The path: /movabletype/index.html

Each of these portions is progressively more local in that you need to have read the one on the left to understand the one on the right. However, the domain name is read right to left (.com is of greater scope than rtfm) and the path is read left to right. Outstanding, huh?
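To make the mixed ordering concrete, here is an added example (not code from the original post) that normalizes a URL into a single most-significant-first hierarchy, reversing only the domain labels, and then shows the same clash in IP addresses: the dotted quad is big-endian and is packed big-endian into network byte order, but a reverse-DNS name under in-addr.arpa has to flip the octets because a DNS name is little-endian. The function names, the www.example.com URL and the 192.0.2.1 address are constructed for the example; the /movabletype/index.html path is the one from the text.

```python
import struct
from ipaddress import IPv4Address
from urllib.parse import urlsplit


def hierarchy(url: str):
    """Split a URL into (scheme, domain labels, path segments), every piece
    ordered most significant first.

    The host is written little-endian (most specific label first), so its
    labels are reversed; the path is already big-endian and is kept as-is.
    """
    parts = urlsplit(url)
    host = parts.hostname or ""                         # lower-cased, port stripped
    labels = [lab for lab in host.split(".") if lab]    # ignore a trailing dot
    segments = [seg for seg in parts.path.split("/") if seg]
    return (parts.scheme, tuple(reversed(labels)), tuple(segments))


def wire_bytes(addr: str) -> bytes:
    """Encode a dotted-quad IPv4 address in network byte order.

    Network byte order is big-endian, matching the written form: the first
    octet on the page is the first byte on the wire ('!' = network order).
    """
    return struct.pack("!I", int(IPv4Address(addr)))


def reverse_pointer(addr: str) -> str:
    """Build the in-addr.arpa name used for reverse DNS (PTR) lookups.

    Here the two conventions collide: the address is big-endian but a DNS
    name is little-endian, so the octets must be reversed before they can
    be placed under the in-addr.arpa zone.
    """
    octets = str(IPv4Address(addr)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


if __name__ == "__main__":
    # Constructed sample inputs; the post's own URL is not reproduced here.
    print(hierarchy("http://www.example.com/movabletype/index.html"))
    print(wire_bytes("192.0.2.1").hex())
    print(reverse_pointer("192.0.2.1"))
```

The stdlib already knows about the second collision: `IPv4Address("192.0.2.1").reverse_pointer` returns the same string as the hand-rolled `reverse_pointer`, which is a handy cross-check when you are writing code that has to get the flip right.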

Posted by ekr at 08:41 AM | Comments (6) | TrackBack

Telepresence tips

Some observations on telepresence over a low-bandwidth (128 kbps) network:
  • Sound quality is pretty good. Video quality is pretty bad.
  • Keep the camera still. Every time you move the camera it takes like 10 seconds for the picture to depixellate.
  • The iBook is just barely fast enough to do the job. Don't expect to use your laptop for much else while you're videoconferencing.
  • The iBook speakers are crap. I plugged in my Etymotic ER-6s and the difference in sound quality is amazing.

Also, I had no idea I spent so much of my time doing this with my hand. I wonder what other weird tics I would notice if I videotaped myself all the time. On second thought, I think I'd rather not know.

Posted by ekr at 08:19 AM | Comments (13) | TrackBack

If you want it to work, just buy Apple stuff

A customer deadline is preventing me from attending IETF Seoul, but a co-worker suggested that I video-conference in over the Internet. Trying to get this working was... instructive:
  • Apple iChat AV is only designed to work with a Firewire camera.
  • Most cheap cameras are USB.
  • In theory you can use a cheapie USB webcam with iChat AV, but it didn't work for me. Maybe my webcam was too cheap, since I could never even get it working with my Mac.
  • Even on Windows, you can only get AOL's video chat working with Windows XP. I run Win2K.
  • When I finally broke down and bought the iSight AV, it just stinking worked.

Now, I'm sure that with enough effort I could have made either of the cheaper approaches work, but frankly it's not worth 3-4 hours of my time to save $120 (the difference between the $150 iSight and the $30 USB Webcam I bought). I'm not ready to give up my beloved FreeBSD 1 just yet, but for the times when I need more compatibility (or Office), the temptation to ditch my remaining Windows equipment for OS X is getting pretty strong.

1. Yeah, yeah, I know that OS X is based on BSD, but I just can't stomach the OS X UI for general use.

Posted by ekr at 07:09 AM | Comments (41) | TrackBack