You Can't Make Mistakes.

This is the first post that I am writing from my phone, a Nokia N900. Initially, when buying the phone, I had hoped to do more of this. The WordPress interface was akward to handle on this device, though, so I never did it. The interface has gotten better, so here we are.

I hope that this might encourage me to write a bit more, particularly while on the bus on the way to the university in the morning. This activity may also cause an early onset of arthritis of the thumbs or carpal tunnel syndrome, which will be horrible. You takes your chances, I guess.

I also hope to find a bit of spare time to build a new theme as well. This one has had a good run, but it’s time for something new. Maybe a cleaner theme, or a trash style. Lord knows that all I would need to do is look around me for inspiration for that. That’s not a bad idea actually. I’ll call it “Banks of the Nile.” It can have bits of garbage and Bebsi cans and sand and murky water. The possibilities are endless.

I should be moving the site to a new server at some point as well. This should be interesting and may fail terribly at first. Who can say? it will be better though: and I do like trying stuff that I have never done before. It is kind of my motto after all.

For all of those of you out there who are interested in owning your information again, please check out a new project being developed by four NYU students called diaspora*.

Diaspora will allow you to take back control of your social networking data by allowing you to run your own instance of its service on your personal computer/home server. For more information about what it will do, check their project page. You have to give these guys credit for using a Back to the Future reference in their prospectus.

As you might know, I am an ever bigger advocate for open source projects that actually serve to put control into users’ hands and to sate that DIY spirit that so many people have. This is a project that I am very enthused about. If you have ten bucks lying around and want to help out a project that has the potential to change the way we do social networking online, then give it to these guys. Click on their project below to get involved through Kickstarter.

Happy Birthday

Today is, as some reckon, the 17th birthday of Linux, the open-source UNIX-like operating system which has become increasingly popular in recent years. I adopted Linux about 2 years ago, first dual-booting (having 2 operating systems installed on the same machine and choosing at startup) Fedora, and then Ubuntu. Then I got brave and removed Windows from my last laptop. Then I got a new laptop and nuked the drive the moment I got it with a fresh Linux install. Then I installed 64 bit. Then I started compiling my own kernel. After that, it was all downhill, or uphill, depending on which way you were looking.

I became a Linux enthusiast, then an evangelical. “There is this operating system that is freely available, you can download it, and then you can install software by searching for it and selecting it (if you are in a package-managed distro, that is),” I would say. “Why does one become evangelical for an operating system,” you ask? Here is why:

Now, I am running my own Debian server: a tiny little ARM-processor-based wonder-device, 4 watts/10 under load. That is less than most energy efficient lightbulbs. Right now it just houses my digital media, my backups (which is makes without my ever having to know), and acts as a print server on our network so that I don’t have to plug the computer in, print, etc. It just works. I just added audio to it via a hardware-hack, USB in-line, jack-spliced audio card cannibalized from an old USB headset. I now have a command-line stereo with music library. Streaming internet radio too. And I can serve my own radio stream, in case the end comes and we have to rebuild the internet with string and tin cans.

I have grand plans for this little guy, the Linksys/Cisco NSLU2, or SLUG as we call the firmware-modded versions. I want about 15 more of them to just do little tasks and coordinate with each other. There is a Mic-in jack that I spliced onto the aforementioned audio card, so I am working now on adding voice-command support. Just simple stuff: “Radio on” or “Backup laptop now.” I have these sci-fi-esque visions of a fully automated house where these little guys talk to me as I walk through, turn lights on and off, report the weather, stock prices, news headlines if asked. I have also been working on a project (currently on hold, too much hardware to move to the Middle-East) to create a group of thin-client picture frames and touch screen interfaces that will be placed around the house. These would display photos, art, whatever. When asked, they could show you websites, play music on the stereo, etc. I dream of an alarm clock which is set by saying, “Jeeves, wake me up at 6:45, NPR on the radio.” “Very well then, good-night Sir.”

I dream of these things, and I will have them. I already am far closer to having these things than I ever was using computers the way that we are taught to do so in out modern age. Even the best average user today really uses their computer no differently than they might use a typewriter and an 8-track. Why is this the case?

It is the case because we are not encouraged to be curious about what is inside of our computers anymore. That, and we have been conditioned to believe that you must pay for software for your computer, which is simply not the case.

I’m not talking about software piracy either, a practice that I am rather ambivalent about these days. I don’t think it should be illegal, because I don’t think that it should be an issue. The best software out there is being developed by the curious, hobbyist, academic interests of developers with a machine and a little know-how. It’s mass peer-review. When the software is not human readable and the source is closed, bugs and weaknesses aren’t found until they are exploited. Enter FOSS: Free/Open Source Software.

Back to my point, these things interest me because they have enabled me, as a hobbyist, to make some really cool things happen. Soon my server will be talking to me, and I to it. Then it will be a server farm, then an integrated system that commands a house, or at least some of the functions in it. It’s cool. I can do it. And it is freely available to me. Sold.

This is why I am a Linux evangelical. I will walk down the street wearing a Linux t-shirt if it gets people to ask me what it is. I also just realized that I am wearing a Linux t-shirt.

Help celebrate this Linux birthday by taking Linux for a spin. There are a number of distributions that allow you to run the operating system from a CD (called a “Live-disk”). Live-disks are slower, because they have to run off of a CD. But try it. If you have an old computer laying around, dig it out, and install Linux on it. In my opinion, Ubuntu is probably going to be the best for first-time users. Here is a list of live-disk distributions which will allow you to install if you would like to:

Ubuntu
Gentoo
Debian
Knoppix
Damn Small Linux

Try it out. Linux has come a long way from its roots in the command-line. Sometimes when I am sitting in public using my laptop people come up wondering what kind of laptop it is and what my “Windows” is. I invite them to sit down for a cup of coffee, and I say “Have you ever heard of something called Linux?”

Don’t forget to wear a condom.

The comic this morning on xkcd is a good example of arguments for and against electronic voting.

Read it. Careful though: it is funny, so the humorless fascists for whom you work may have blocked the site and also be in the business of firing anyone who tries to access it.

Regardless of that, it is a little ridiculous to have anti-virus software on a voting machine. A voting machine should probably not be network connected. If it is in fact network connected, then we shouldn’t have had the problems that we did with corrupted SD cards not having the voting data when needed. These things each indicate other problems as well.

First, if a voting machine is online, it is immediately insecure. All computers are prone to attack through either a network interface or by way of physical access to a machine. That said, some computers are more secure than others. Those computers used for high-profile applications—such as, I don’t know, off the top of my head, uh, VOTING—will of course be more delectable targets. So, possible operating principle number one: keep voting machines off-line.

Then, if a voting machine is off-line, why does it need virus protection software? The SD cards used for transporting data—the insecurity of which we will get to in a moment—should be checked for any virus or malware IMMEDIATELY BEFORE they are being placed into a machine. Ergo, there should never have been any need for virus protection software on these machines.

On to the point of XKCD this morning: What operating system is running on these voting machines and what is it doing? I am not sure, but I am just going to take a gander that is was Windows XP, or some-such. Now, Windows is known for: crashing, being-virus prone, being entirely insecure in the case of physical access to a machine, and a laundry-list of other fun things. Firstly, Windows should not be the operating system of choice for this application. There are more than enough compelling reasons to take that right off the table. Therefore, we should assume that there was a contract—read: set of payouts, kicks-backs, or other reward perks—involved between Premier Election Solutions (a.k.a. – Diebold) and Microsoft.

Let’s look at this again. Logically, so far, we have decided that: 1) voting machines should be using a secure, robust operating system, 2) voting machines should not be networked.

Or should they?

Is it secure to have votes stored in .xls (Microsoft Access) files and then transported on SD cards to a computer terminal by some flunkie (read: election official or Premier Election Solutions Employee) for transmitting over what one would hope are secure channels?

No, is the only answer to that question, by the way. PHYSICAL ACCESS to data is the point of least security. Swapping cards is just the easiest way to corrupt/alter the voting data.

The alternative: a networked voting machine which is connected to several sets of voting servers around the country—redundancy, in this case, is security, or at least accountability—via port/transport-encrypted connection protocols. The data is transmitted and tabulated at these central sites, plural. The data that is transmitted is stored on a separate physical disk from the operating system. That disk is encrypted and, if it is an SD card, there is no physical access to it—like a slot that it plugs into. Screwdrivers with weird noses are in order if you want it out.

When the data is transmitted, it can be in the form of an encrypted binary image of the disk. This is more secure than an .xls stored on an SD card. All of this will happen when the decentralized server farms call the data in at the end of the election. Also, at the end of the election, a printout could have a per-transaction list of the data received from the voters at each site. There are a number of ways to maintain the anonymity of the voters. Remove names, randomize times, etc. This printout would also be output electronically so that it can be stored for checking results, if there is a dispute.

Votes are tabulated/reported faster. The security is better—though only as good as its worst implementer. Everyone goes home happy-ish. Or at least as happy as they were before the election.

Back to the original topic: virus software. Here’s a fun thing: often, these days, viruses are written to attack and corrupt the virus protection software itself. Like real-world pathogens, they have adapted to attack the defenses first, and then go for the soft belly. So, if your computer is riddled with viruses, start over. This time, don’t use the virus software. Just use a malware detector like Spybot – Search & Destroy. In the distant past, when I still bothered with Windows, this was my virus-protection scheme, and it worked like a charm. My dad has been doing the same thing for years, and it works like a charm.

Again, back to the original topic: voting machines should not have Windows on them. Neither should servers. Linux is working all over the computing world on servers and in embedded devices for applications which require a great deal of security and require the OS to be robust—i.e. – not crashy. It comes in all sorts of flavors. It is scalable, customizable, and the source code is open. In other words, the kernel—most basic part of the operating system—can be fully customized to run exactly what is needed in the hardware, which also limits security gaps. It is also good at all the things that we talked about above: transport encryption, disk encryption, complicated networking schemes, redundancy, binary image backups. It also doesn’t have that nasty habit of crashing and dying forever. If it crashes, it can reboot, and it will be fine. This can even happen automatically since parts of the system can be restarted without your ever having to know about it in a user interface.

I don’t want to sound like an evangelical Linux user, but I am. And I will also admit that Linux is not for everyone—a statement that I do not fully believe, but which I will allow at present. It is however, perfect for an application like running voting systems. Even if you ran a Linux system comparable to what is running now on these silly machines, the problems would scale back immediately.

So, take that for what it’s worth. I felt that the comic was funny, but might need a little further explanation. There you go.

Oh yah, disclosure: This post was written from a laptop running an unnecessarily secure Ubuntu install, backed up on a server in my house running Debian and transmitted to the internet via a router running the Linux-based DD-WRT to a—you guessed it—Linux web-server share running WordPress. This blog post is delivered to you using only open-source operating systems and applications on our end. I can’t vouch for what you used to view it, but if you used Firefox, it’s a step in the right direction.

Back in the Saddle

Sorry for the recent hiatus in posting. I have been a bit lazy and let-lagged this week. 10 in the evening in Kalamazoo feels like what I have been calling 5 in the morning for the past year. It has been as rough transition, but getting better every day. The best part about this, as I sit and write at 7:50am on a Saturday, is that my increasingly late wake up time in Cairo is nice and early here. I have reclaimed the best part of the day, and I usually have it all to myself.

It’s good to be back… at least for a while.

I suppose that this is why I left in the first place, after all. I could have stayed here in the States and written my thesis. I would have had access to a great many more resources—the university library, easy access to the internet, face time with professors, and much more—but I would have likely been bored stiff, trudged on, written, worked some shitty part-time job: you get the picture.

Had I stayed here for the last year, I would not be writing now about how much I enjoy the air, the trees, the cool 10°C mornings, Taco Bell, Miller Lite, American Chinese food, walking barefoot in the grass: so many things. It’s not that I didn’t appreciate these things before, it is just that I didn’t appreciate them that much. I won’t gush or wax poetic about the joy of mundane things, but I will say that living in a place where everything is difficult makes me appreciate living in a place where everything is easy.

It also makes cake out of those things which before seemed difficult: as in “piece of.”

Regardless of all of that, I am having a blast. It is also stunning to take note of the things that I have learned in the past year. For instance: I went to seen Iron Man last weekend. It was great. I love comic-book movies, I love movie theaters. I didn’t go to the cinema nearly enough while in Cairo. Something to think about for the future. The best part of the film, though, was not the popcorn and bucket of soda that I was endowed with upon stepping into the joint, but that the film had loads of Arabic in it: and I understood every word. Obviously, it wasn’t very sophisticated dialog—certainly no more than the dialog in the primary language of the film—but I got it. I didn’t even notice at first: then I realized that I wasn’t looking at the subtitles when I laughed at some little quip or joke. Suffice it to say that I was very pleased with myself.

Same thing when I noticed what an easy time I was having understanding Ayad—dear friend and former roommate—when he showed up late one night before leaving for Saudi Arabia for the summer. We could always talk before, but it is certainly easier now.

I continue to reflect thus as I sit here and wait for the installer to finish on my new low-energy, headless Linux server. A year ago, I didn’t know what a headless server was. In the past year in learning how to use Linux on my laptop for data analysis, I accidentally learned loads about how it works and how to use it. So, now, rather than just having a slab running Windows crap factory, I have a laptop running a scalable set of software which is tailored to my needs. I was particularly pleased when Jeff asked me to put Ubuntu on his laptop to replace the Windows Vista that it shipped with. It went from being a relatively slow, unresponsive, one-year-old system to being a blindingly fast, extensible, little mobile monster. He was/is very pleased by the improvement. He is still gushing about it, in fact.

But, to think, a year ago I attempted an install of Ubuntu on my old laptop—I have since upgraded in a very serious way—and ended up with a command-line laptop for a month. That was cool and all, but it must be noted that it is very difficult to browse the internet using the command-line terminal. Kind of fun though.

Incidentally, I just converted that laptop back into a command-line laptop, just for kicks.

All in all, though, this year was a complete success: I learned a great deal. Had I stayed home, I might not have. Or, I wouldn’t have enjoyed myself nearly as much while doing it.

Anyone else learn anything this year?