Goa

pano

There are not a lot of flights into Goa, but one of them comes directly from Moscow. This explains a lot. The beach is full of unhealthy-looking Russian women and their monolithic husbands, whose hairless, pressurized torsos pivot atop speedos like artillery turrets. In the afternoon they are as drunk and passed out as our xenophobic cold war stereotypes have promised. Just like those topless glamor shots of Vladimir Putin, theirs is a virile aesthetic almost completely divorced from physical beauty. I’ve found Goa to be a very agreeable place to be carrying ten spare pounds of holiday weight.

But perhaps this is just Baga Beach, where we stayed. A day trip to Anjuna, the purported center of Goan hippie culture, revealed even fewer Russians than hippies. The people on the beach seemed athletic and competent and not in the mood for anybody’s shit. Absurdly, there were even a few joggers. The Bob Marley towels and offers of drugs seemed mostly about delivering the local color promised in the guidebooks. Anjuna is an American beach, a beach from which conference calls have been joined.

Seasides are timeless. The surf is perpetual, very nearly immune to seasons and human meddling. Shells and driftwood and sand are relentlessly ground down in a process that clearly does not require much supervision. Everything about the ocean is, frankly, much too big.

I used to like to sit in front of it and (pretentiously) read Calvino and feel as tiny and quiet and unnoticeable as a stone buried in the sand beyond the breakers. But that was years ago, when my self-regard was still immaculate. Pondering mortality and insignificance was a nice vacation experience once upon a time, but was never any more life-changing than a cooking class.

It’s less fun now. I’m no pebble, I’m just part of a huge herd of mammals, wallowing in the surf and shade and beer like everyone else. It’s certainly still relaxing, but regular life has lost its childish grandiosity and so the old idea of escape feels a bit more desperate. How can you relax when, back home, entropy is increasing?

I went into the Indian Ocean, which I never thought I’d do. The sand was smooth and the waves were like bath water. Soon I found myself amid some Indian boys who were bodysurfing.

Where are you from? USA. He was going there soon, he said, to work for a new company, had I heard of it. I was sorry, I hadn’t. He told me how many lakhs he was going to make. I wished him luck, which his friends thought was funny. I started to head out further and they asked me if I could swim. I told them yes; they seemed disappointed.

My cousins were born here. Or maybe that’s not right. Were they raised here? I can’t remember. One day they arrived at my grandparents’ house on Kenmore Street, in Virginia, so that the process of civilizing them could begin. Within weeks my cousin Emily gave herself a haircut, which became an important chapter in subsequent family lore and cemented a sense of wildness that was probably undeserved.

Why did my aunt go to India, and why did she come back? I’ve never been told and have certainly never asked. I imagine that she was, like many others of her generation, attempting an experiment. Sometimes I worry that its failure has disappointed her since.

My cousins seem none the worse for it, though. They are now implacable Vermonters, wise and capable and, if one insisted on naming a fault, perhaps even too strong for their own good. Just like their grandmother, and her grandmother. A generational displacement as geographically and culturally vast as possible couldn’t dislodge their destiny. At times I find this immensely reassuring.

Bangalore

The guidebooks try to be polite about it, but they don’t have many compliments for Bangalore. They have to admit it’s not great for temples or monuments or palaces. But they hasten to note that it’s clean! And wealthy! If Lonely Planet were about Victorian ladies instead of cities, Bangalore’s fluency in French and skill at the pianoforte would be discussed extensively.

This city has been gentler to me than I’d been told to expect. There is dizzying traffic and choking smog, but it’s navigable. There is horrible poverty and software-driven wealth — authors of Medium posts about San Francisco’s spiritual destruction via Google Shuttle will find much to like — but so far my heart is only being broken once every ten miles or so. The taxi drivers don’t seem to see enough tourists to know how to properly gouge us. And gastrointestinally, I am at the part of the cartoon where the coyote opens a clenched eye and begins to chuckle nervously, thinking the bomb must be a dud.

So I’m not as overwhelmed as I might be. But the experience has still been satisfyingly foreign.

I finished rereading Jonathan Strange & Mr. Norrel shortly after landing, and this passage seemed about right:

They had been recommended to a hotel in Shoemaker-street which belonged to a Mr Prideaux, a Cornishman. Mr Prideaux’s guests were almost all British officers who had just returned to Portugal from England or who were waiting for ships to take them on leave of absence. It was Mr Prideaux’s intention that during their stay at his hotel the officers should feel as much at home as possible. In this he was only partly successful. Do whatsoever he might, Mr Prideaux found that Portugal continually intruded itself upon the notice of his guests. The wallpaper and furnishings of the hotel might all have been brought originally from London, but a Portuguese sun had shone on them for five years and faded them in a peculiarly Portuguese manner. Mr Prideaux might instruct the cook to prepare an English bill of fare but the cook was Portuguese and there was always more pepper and oil in the dishes than the guests expected. Even the guests’ boots had a faintly Portuguese air after the Portuguese bootboy had blacked them.

I think this unavoidable, insistent foreignness can be illuminating. There are layers to the effect.


In the old days, before anyone knew what yeast was, styles of beer came from specific places. The critters in the air and the minerals in the water determined the options available to a brewer. That pilsners came from Pilsen was an immutable feature of the world, not just clever coordination by the Pilsen Chamber of Commerce.

Maybe foreignness begins with these biological conditions. They’re no more detectable by a tourist like myself than they were to medieval brewers (although I’m told I would certainly come to notice something if I drank the tap water). But they’re real and they must shape the environment surrounding me.

Those contrasts make me begin to wonder about how I’ve been shaped by similar forces at home. Sometimes, at the gym, I’ll work out next to someone and notice that their sweat smells of berbere. It’s a physical manifestation of how saturated they are by their culture.

Of course I can only detect this because my own culture is different. I’m no less steeped. Supposedly when Westerners first came to Japan, the islanders couldn’t bear the visitors’ stink. “They smell[ed] of butter and fat.” I wonder what I’m suffused with; what I smell like to the people here. Even my friends say that Subway stores smell awful, which is worrying.

The opportunity to reflect on these contrasts is what I like I like about travel (communication technology’s erosion of the case for sightseeing is hugely underconsidered). But these contrasts are growing duller, aren’t they? It’s banal to lament the homogenizing effect of global commerce. I wouldn’t want to claim there’s anything principled about my supercilious yuppie dismay at the prospect of a Bangalore Baskin-Robbins.

But the larger phenomenon seems real enough. How distinctive can a global set of cultures remain when their TV producers are all ripping each other off at internet speed?


Conscientious citizens of the universe will already be familiar with the wikipedia article about its heat death:

From the Big Bang through the present day and well into the future, matter and dark matter in the universe are thought to be concentrated in stars, galaxies, and galaxy clusters. Therefore, the universe is not in thermodynamic equilibrium and objects can do physical work.

Why can anything happen at all? Because there’s more of something in one place than another. Charge, pressure, heat — any one of them out of equilibrium, and it’s able to be harnessed for work as it seeks balance.

It’s tempting to apply this metaphor to society: imagining that the diffusion of concentrated idiosyncrasy is the only means by which cultural invention can be pushed to an acceptable pace. The transmutation of African-American musical traditions into pop genres; the adoption of anime tropes by American filmmakers; the dizzyingly reciprocating cross-pollination that produced the Gangnam Style fad single; fusion cuisine.

Is cosmopolitanism another word for entropy? Is a Diplo mixtape analogous to an exploding oil tanker? This is not a cheerful idea — it’s a prediction of eventual globalized monotony and stagnation — but it does seem compatible with Kurt Andersen’s ideas about postmodern exhaustion.

And it could serve as a framework for understanding which parts of globalization we should resent. If cultural distinctiveness is a resource we spend it should be spent on worthwhile pursuits rather than on selling hamburgers and cola; just as we should burn petroleum to empower humanity rather than to power larger SUVs.

Admittedly, this idea is also compatible with an ugly primitivism. I don’t mean to do that. I don’t want to be tempted into imagining that India (or any place else) is some sort of wellspring of authenticity; its colonial history makes that idea laughable. Besides, it seems impolite to insist that other societies act as cures for our neuroses.

But if I squint I can imagine India as an engine, doing fascinating things as it burns away the divisions between east and west and other places beside. I wonder if it will ever run out of fuel.

in honor of CES

Let us revisit the opening paragraph of The Hitchhiker’s Guide to the Galaxy:

Far out in the uncharted backwaters of the unfashionable end of the Western Spiral arm of the Galaxy lies a small unregarded yellow sun. Orbiting this at a distance of roughly ninety-eight million miles is an utterly insignificant little blue-green planet whose ape-descended life forms are so amazingly primitive that they still think digital watches are a pretty neat idea.

If I squint just right I can almost, almost talk myself into believing that smartwatches will be useful. But this is a personal failing.

My Dumb Raspberry Pi-powered Fantasy Football Trophy

Well, another fantasy football season is behind us. I entered the season as the reigning champion and left it as the… not champion. It would be churlish to try to make excuses for my poor showing. So instead I’ll simply note that there is an ongoing, pressing need for organ donors in this country, and many of my fantasy players’ families are proud to have done their part. My heartfelt congratulations to Ben on his apparent championship and the masterfully subtle campaign of cheating that must surely lie at its foundation.

But the season did have a few bright spots, even beyond the news that my WR1 is expected to walk again. In particular, I embarked on a semi-ridiculous project to build a Raspberry Pi-powered fantasy football meter. It worked out pretty well!

I should probably begin by assuring you that I’m not actually all that maniacal about fantasy football. It was a purchase that spurred this project: a few months back I bought a big lot of antique electrical gauges on eBay.

(OK, actually I bought two lots.)

Since then I’ve been building some little projects with them using Raspberry Pis and lasercut wooden enclosures. The fantasy football meter is one of the more grandiose examples.

The top gauge measures my ranking in the league. The bottom gauge measures how many points ahead or behind I am at the moment. I realize that this is deeply stupid.

It’s fair to say that I have been working to (slowly) accumulate the expertise necessary for these projects for more than half a decade. It’s made me really, really wish that I had taken some electrical engineering classes in college.

Still, I’ve learned a lot during this process! So why not blog about some of those things?

Cut A Hole In The Box

3D printing gets a lot of attention, and it is indeed frighteningly neat. But for my money a good old-fashioned robotic lasercutter is even more exciting. Anyone who has turned an IKEA flat-pack into an unattractive wine rack will be familiar with the basic principles underlying my approach.

Conceptualizing the transformation from two to three dimensions is trivially easy for some people and essentially impossible for others. I fall somewhere in the middle, and find that I am best served by workshopping a given geometric idea under a variety of pharmacological conditions — specifically alcohol, caffeine and post-workout endorphines. Probably there is some nootropic cocktail available on the streets of San Francisco that delivers innovative furniture design insights and permanent synaptic damage instantaneously, but I’m uncool enough to require lengthy periods of mulling instead.

I would dearly love to employ interesting woodworking techniques, but working in two dimensions more or less mandates the use of finger joints. And really, that’s fine. The one thing you have to watch out for is kerf. Lasercutters work by vaporizing a small amount of material. The width of this area — called kerf — usually amounts to just a tenth or fifth of a millimeter, but it does add up.

I’ve written some python scripts to help generate finger joint geometries that account for tedious kerf calculations automatically. They do require quite a bit of fiddling and subsequent modification in Illustrator or Inkscape, but they work well enough. A nicer online application can be found at makercase.com, but I know my code and like it well enough.

I used Ponoko for this particular trophy, and they provide a wonderful service. But HacDC now has a lasercutter, and though it’s less powerful, you can’t beat the price and turnaround time. I’m still experimenting with materials, but have purchased a bunch of stuff from laserbits.com that I hope will produce good results.

Raspberry Foray

I’ve spent a lot of time playing around with Arduino, and the experience has taught me a lot. But if you want to connect to the internet — and look at you, of course you do — you’re going to want to turn elsewhere. I spent quite a bit of time on the BeagleBone, and I admire its commitment to openness.

But there is no competing with Raspberry Pi right now. It wins on price. It wins on its choice of native distro. Most importantly, it wins on community. Next to these things, its just-OK (nongraphical) technical capabilities are afterthoughts.

Still, making the damn thing useful in embedded applications takes some thought! I have condensed a number of these lessons into this repo. You might want to borrow parts of it (you probably won’t want all of it). Among the things the bootstrap.sh script and its siblings accomplish:

  • Installs Bonjour so you can get to the Pi without looking up its DHCP-delivered IP address
  • Gets a decent Python environment in place, complete with virtualenv
  • Installs the wiringpi and wiringpi2 libraries, which are what you’ll want to use to control the General Purpose Input/Ouput (GPIO) pins on the device
  • Sets up my default wifi networks. Whoops! You probably don’t want that. But use this /etc/network/interfaces and /etc/wpa_supplicant/wpa_supplicant.conf file templates to get yourself online. Note that you can have more than one network={} statements in the latter.
  • Gives my SSH key root on the system. You probably don’t want that either.
  • Turns off the swap file. Swap files are the means by which your disk impersonates RAM to expand your system’s capabilities. It’s a super-neat idea in general, but less so if your disk self-destructs the more often you write to it — which is indeed the case with a flash SD card. You should find a way to make do with physical memory. I’ve gone through a lot of SD cards.
  • Relatedly! And not present in this install script! You should turn off journaling in the filesystem. Instructions can be found here. Journaling is a neat idea by which every change to the filesystem is first cached in a central location before being executed as a transaction. This allows for graceful recovery from a number of failure modes that can occur if an operation that requires multiple steps — and which really, really needs to complete all of them for things to make sense — is abruptly interrupted by a power loss or other failure. But that caching requires a ton of writes to disk, and will burn up your SD card in short order. You’ll just have to get by without journaling, and commit to pulling the power as little as possible
  • The script also turns on the watchdog module in the Broadcom processor that lives at the heart of the Pi. This is a little piece of hardware that listens for a heartbeat signal from the system and, if it doesn’t hear one, reboots everything. Step one is turning on the hardware; step two is setting up the heartbeat. This can give your system a gentle kick when something you’ve done screws it up.
  • Want to install a Python script in your virtualenv as a system service that starts at boot? I’ve made that fairly simple, though the script does bake in a few assumptions about your directory structure.
  • Optionally, this script will help you set up outbound mail via your Gmail account
  • Finally, there’s a script to install an ARM processor-compatible version of PhantomJS. More on that in a sec.

Some things are best done once, however. For a long time I installed whatever the latest Raspbian image was, then went through the raspi-config script (which launches automatically on the first boot) and then ran my bootstrap script.

This takes forever, though. I got particularly sick of reconfiguring raspi-config to expect a non-UK keyboard.

But creating a new and improved disk image eluded me for a while. Installing all the aforementioned junk requires that you expand the filesystem to use more of the SD card (the default uses only 2GB). But if you use the dd tool to image the result, it’ll show the full size of the SD card. And an image of one 4GB SD card (for instance) won’t necessarily fit on a different model or brand of 4GB SD card. (You should be using 8+GB cards anyway, to minimize system failures due to repeated writes to the same sector.)

The solution: expand the filesystem manually to 3GB or so. Use raspi-config to assert your American independence. Get everything set up. And then record an image using something like this:

sudo dd if=/dev/disk1 of=preconfigured_raspberry_pi.img bs=1048576 count=3000

This instructs dd to copy from /dev/disk1 in 1 megabyte chunks, and to pull three thousand of them. The remaining five thousand or so (on an 8GB card) can simply be ignored, I think? Honestly, it’s a bit difficult to keep track of which levels of filesystem abstraction and definition are included where. Perhaps those missing five thousand megabytes will come back to haunt me someday. But not yet.

Somehow the Vital Connection is Made

All of the above gets us a wooden box and a cheap and useful Linux environment. How do we make it actually translate Things On The Internet into a dial moving… somewhere?

Well, first you’ll need a wifi adapter. I tend to buy this one, which is tiny, less than ten dollars, compatible with the Raspberry Pi default distro without any additional drivers, and can mostly connect to wifi networks without exceeding the Pi’s rather wussy USB power capabilities. But there are other perfectly fine choices out there.

Getting wifi working on Linux is awful under the best of circumstances, but when done without a GUI it easily competes with the most imaginative punishments Greek mythology can offer. Please, please use the /etc/network/interfaces and wpa_supplicant.conf patterns linked above. For me, they’re the culmination of more than a year’s worth of trial and error across multiple embedded systems (next time you see me, ask to see my FUCK CONNMAN tattoo). Others will have wisely gone straight to LadyAda’s excellent series of Raspberry Pi lessons, from which this solution is cribbed.

But wifi connectivity is only the beginning.

A Ghost Is Born

Fantasy football is one of those strange areas of human endeavor in which Yahoo is successful. It’s free and it’s what my friends and I use, anyway. And it’s comforting to begin to know the annual rhythms: unnecessary redesign, mobile app flakiness, disastrous week 1 server outage, ensuing apology, eventual system stability. I look forward to repeating the cycle next year.

Alas, the API seems basically useless for anything beyond establishing that Yahoo runs a fantasy football service. So we’re going to be screen-scraping, navigating and disassembling messy HTML pages in just the same way that your browser does.

This is not a reliable process. Worse still, Yahoo counts on tons of Javascript to render portions of the page after the initial HTML has been delivered. Knowing what is supposed to happen after that point requires a Javascript interpreter, which is a sophisticated piece of machinery beyond most scripting environments. Instead, you have to connect your script to a browser and ask it, intermittently and politely, what the hell is going on right now.

This task used to be so hellaciously finicky that I’d never gotten it to work. But Phantom.js has removed most of those difficulties, and as I mentioned above, there’s a compiled version for Raspberry Pi which can simply be copied onto the device and used. I employed the Selenium Webdriver interface, but mostly because of peer pressure. I’ve been hearing good things about Casper.js.

Yahoo ensures that this will not be the end of your woes, but I’ve encoded a number of hard-fought lessons in this Python class, and will probably update it once the 2014 season redesign arrives and breaks everything. (The rest of the code for the meter is here, incidentally.)

Moving the Needle

The last piece of the puzzle: making the damn needles move. Most of the excitement is already recorded in this post. But in short: microcontrollers are all-or-nothing beasts, setting output pins to zero volts or ALL THE VOLTS (3.3 in the case of the Pi). But they can approximate intermediate values by turning a pin on and off very rapidly, with the ratio of on:off determining the voltage that’s being approximated. This is called pulse width modulation, and the Pi has built-in hardware that allows it to deal with this constant switching without expending any brainpower — but only on one pin.

Luckily, the wiringpi library has included as sophisticated a system for additional, software-controlled pins as one could hope for, though each additional pin comes at the cost of a bit more CPU utilization. Fortunately we only need two for this meter (the -100 to +100 meter is actually set up to behave as if it’s two separate meters).

The vintage gauges themselves are not configured for 3.3v, of course. But that’s where trim potentiometers come in:

Those little blue and white dials labeled 1, 5 and 6 are the trim pots in question. Some trial and error can deliver resistor levels that max out the meter’s range without overpowering it. The gauge’s response might still not be perfectly linear, but that’s where this little library comes in.

Wrapping Up

All that’s left is to add a little flair:

Ben will get a plaque now, too. I guess.

how scared should you be of your webcam?

Yesterday Tim Lee and Ashkan Soltani reported a surprising and alarming revelation: some webcams can be activated without their accompanying light being turned on. This means it’s conceivable that criminals or government agents could compromise your computer and take surreptitious pictures of you. It’s a frightening prospect.

It’s also one that I had more or less deemed impossible based on what I know about electrical engineering. I owe Tim and Ashkan my thanks for teaching me something new.

But I think it’s worth delving into exactly what makes this attack possible. The paper their story focuses on concerns one particular attack on one particular type of webcam. Left unanswered is whether vulnerabilities like this one are commonplace. Examining how this attack works can provide some reassurance about engineers’ good intentions, but leaves plenty of reasons to worry about their insufficiency.

You can find the paper detailing the attack here (thanks, guan!).

Before we walk through how the attack works, let’s establish our cast of characters — one that’s slightly simplified relative to the specifics of this attack, but which will suffice for our purposes.

First, there’s your computer. It looks like a computer, and behaves in a computerlike fashion.

Second, there’s the webcam microcontroller. This is also a computer! But it’s a much tinier, lousier computer — one that fits on a single microchip. Still, it can run programs, and it can talk to your computer. And we’re not going to ask it to do very much: mostly it’s just supposed to manage the other components in the webcam and report their outputs back to the computer when asked.

Third, there’s the image sensor. It’s digital and electronic, certainly, and it even speaks binary code and executes commands, but it doesn’t run arbitrary programs. It does have internal states and settings, though — it’s not a completely passive, memoryless device like a lightbulb or motor.

Here’s the key diagram from the paper:

webcam_vulnerability

On the bottom is the microcontroller. On the top is the image sensor. There is a connection between the two of them labeled “standby”. When operating normally, the image sensor will go into standby mode whenever the microcontroller sends a voltage to this connection.

On the right side of the diagram is the LED. Its input side is connected directly to the system’s power source (Vcc), and its output side is connected to the “standby” line. A circuit can only do work when energy flows through it, so when both sides of the LED are set to the same voltage — when the standby line is “high” — no current will flow and the LED will remain dark. When the voltage on this connection is low, the image sensor will emerge from standby mode; current will flow from Vcc, through the LED and out the “standby” line; and light will be generated.

This is a pretty good system! The LED’s function is tied directly to something that enables or disables the image sensor. This arrangement can’t be undone without cutting wires. Really, that “standby” line looks a lot like a power switch.

But it isn’t. The image sensor was designed to be a flexible component that might be used in many different configurations, not just the iSight. This is the norm in electronics, with a few exceptions like the custom chips that Apple designs for its iPhones. In this case, the image sensor can be configured in different ways by sending it different setup commands from the microcontroller. One can imagine modes for “low light” or “video” or “grayscale”, but there are also numerous esoteric settings that are only useful to engineers. In the case of this particular image sensor, it’s possible to tell it to ignore any signals it sees on its “standby” pin.

This probably sounds pretty outrageous, but it’s not hard to imagine configurations in which this capability could be useful. When prototyping a circuit, minimizing the number of features and connections that must be used can make the process faster and simpler. In some applications the image sensor might be on all the time, making a usable “standby” line irrelevant (or, if not properly grounded and shielded, even a source of buggy behavior).

Alternately, it might seem outrageous that the engineer designing the webcam system overlooked this capability in the image sensor. This is a stronger argument. But this is an easy mistake to make.

Here’s the datasheet for the image sensor. At 61 pages it’s not especially long (microprocessor datasheets can be thousands of pages), but I think you’ll agree that it’s not the easiest thing to read. What you probably can’t see is that datasheets are often riddled with errors. They are usually written by engineers, which produces a terrible product but is better than the alternative. As you might imagine, the result is more or less impervious to editing and verification by humans. Datasheets for very popular or venerable chips can be very good, but for complicated, new or little-used products, they can contain serious problems. Partially for this reason, datasheets often contain information about “reference implementations”: partially or wholly built systems that show how the component is supposed to be used with a minimum of complicating details, and which engineers are implicitly encouraged to follow without question.

None of this excuses the webcam engineer’s failure to foresee this security hole. But you can imagine how it happened. Having someone manipulate this completely undocumented hardware system, reprogramming a microcontroller to, in turn, reprogram an image sensor to use a counterintuitive operational mode that (for all I know) might be completely idiosyncratic to this image sensor chip? It’s tough to get too angry over someone’s decision to spend their time on other problems.

Is this comforting? Sort of. It’s an awfully specific vulnerability. It’s pretty easy to see how to design around it (use the LED to test for power to the image sensor, not the state of its standby line; harden the microcontroller’s programming; the paper’s authors discuss a number of possible remedies and the occasional tradeoffs they entail). It’s clear that the engineer was trying to tie the LED’s activity as closely and irrevocably to the image sensor’s operation as he could, which is the right idea. We have no specific reason to think that similar bugs are present in other webcams that use different chips or have more careful authors.

Still. This is a reminder that the systems we use are wildly complex, executing code in many more places than just the CPU. And it’s increasingly clear that many of those places have never been scrutinized for vulnerabilities. It’s cheering to see security researchers uncover these problems, but criminals and governments have vastly greater resources and incentives to pursue this work, and have had plenty of time to do so. Some masking tape might not be a bad idea.

teaching everyone to code is a fine idea

I often find myself defending Sam Biddle’s brand of Silicon Valley nihilism to Matt, so I’m sort of surprised to see us switching sides: today Matt joins Sam in deriding President Obama’s calls to teach schoolkids to program. He’s not alone! I think Matt’s specific objection doesn’t get us very far — some students’ failure to attain basic skills doesn’t really tell us all that much about what should be included in a general curriculum, just as the continued existence of murder doesn’t tell us much about the wisdom of enforcing speed limits.

But it is worth spelling out the case for teaching people to code. It’s not because we expect them to become programmers. We don’t expect every student in English class to write a novel or every student in Trigonometry to wind up manipulating triangles for a living. We certainly don’t expect every kid in music or art class to carry those skills beyond the classroom, or even to achieve proficiency within it.

Rather, we teach those skills because they are varyingly enriching and instructive windows onto reality and culture. They help kids navigate the world. In a few cases they’ll wind up being of practical value or make for a fulfilling hobby. But mostly they’re about building competent and intelligent human beings.

Coding qualifies. I still distinctly remember programming my grandparents’ VCR for them — a cliche of childhood technical affinity, yes. But also an instructive experience! Why was the schedule set with a 24-hour clock scheme? Why were the on-screen fonts the same across different brands of VCR? What the heck was the difference between SP, LP and SLP? The answers involve the nature of modulo arithmetic, the electronic industry supply chain and electrical engineering practices, and some pretty fundamental concepts from information theory. Some of these revealed themselves quickly; others came decades later. Gaining that simple, unimportant technical skill gave me a window into how engineers’ minds work and how the constraints imposed by physical reality shape the systems they build.

Without realizing it, the simple daily use of technology imparts lessons about data normalization, computability and signal processing. Stitching these hunches together with a light classroom introduction to the procedural nature of Turing-style computation is not a bad idea. It’s also not a trivial idea — some people think this perspective has enough explanatory power to describe the entire universe.

Nor is it of merely intellectual interest (though I’ll happily admit that I do find it deeply intellectually rewarding). In the same way that the economic perspective has largely triumphed over other dialectic forms in our culture, our physical environments grow ever more engineered. And engineering grows ever more digital in nature. Understanding how those processes work at a fundamental level is an increasingly necessary precondition to deciphering our deeply unnatural world.

Do you want to be able to quickly use a new product? Or organize a spreadsheet so that it will be useful later on? Do you want to know why your partner missed that SMS, or why the football broadcast looks blocky? Do you want to know what to fear, and when you’re being lied to, and how?

Learning to code “hello world” won’t guarantee you those answers any more than it’ll guarantee you a job at Facebook. But it isn’t a bad place to start.

using Raspberry Pi and a VPN to avoid sports blackout restrictions

Broadcast sports is finally, finally embracing the digital age. My Apple TV has separate apps for the NHL, NBA and MLB, for instance. Sadly, these are still subject to blackout restrictions, preventing me from being able to purchase Capitals games. Irritating!

As it happens, I have a pay-as-you-go account with IPredator, a Swedish VPN service. For a few bucks a month, they provide the ability to use a high-bandwidth encrypted link that terminates your internet traffic in Sweden. I mostly use this for Bittorrent (though pretty rarely, believe it or not). But I figured it might let me get around blackout rules, too.

Unfortunately, the Apple TV isn’t able to use VPN software. So we need something to handle that operation instead, making the Apple TV think that it’s on a perfectly normal network — albeit one in Sweden.

This had been on my to-do list for a while, but I finally got around to tackling it today. The results are pretty good! Sadly, it appears that hockey-crazy Sweden has blackout rules of its own — presumably the NHL has a distribution deal with some broadcaster there that makes it necessary to confound people like myself who want to pay to watch hockey but don’t care to pay for a complete cable TV package. Bah.

But the system is working — a laptop substituted for the Apple TV is convinced it’s sitting in Stockholm, and my Apple TV Netflix experience is substantially different (title availability is wildly altered). And the NBA League Pass stuff looks like it might be working fine (I don’t have an account, but will be bugging Matt to try his out shortly).

So I’ll go ahead and record what I did here before I forget it. Perhaps before too long I’ll switch to a VPN that terminates in a (non-Washington) US city and see if that doesn’t solve my problems.

  1. Buy a Raspberry Pi Model B (the one with the on-board ethernet jack). Get the basic Raspbian distro up and running.
  2. Add a USB ethernet adapter — one with Linux support. Note that I haven’t tried the one at that link, but it claims to be Linux-friendly. I’ve been using an overpriced Apple adapter.
  3. The USB ethernet port is eth1, and will be what you plug your Apple TV/whatever into. The on-board Raspberry Pi ethernet port is eth0, and should be connected to your router.
  4. Follow LadyAda’s instructions for making your Raspberry Pi into a wifi access point — except skip everything that has to do with hostapd or iptables. Also, replace references to “wlan0″ with “eth1″. After rebooting, you should now be able to plug a computer into the USB adapter via ethernet and receive an IP address that begins with 192.168.42. If you can’t, something is wrong.
  5. Configure OpenVPN for IPredator using their Debian setup instructions. When running, this creates a virtual network adapter called tun0 — it’s quite similar to eth0 or eth1 (the ethernet cards) except it’s a software abstraction. Also, configure this to start up automatically — the IPredator instructions gloss over this. It shouldn’t take more than a “sudo update-rc.d openvpn enable”.
  6. Use the following iptables configuration to make the Raspberry Pi act as a router that sends incoming traffic to tun0:

    # Generated by iptables-save v1.4.14 on Sun Dec 1 13:49:10 2013
    *nat
    :PREROUTING ACCEPT [329:25039]
    :INPUT ACCEPT [194:13371]
    :OUTPUT ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    -A POSTROUTING -o tun0 -j MASQUERADE
    COMMIT
    # Completed on Sun Dec 1 13:49:10 2013
    # Generated by iptables-save v1.4.14 on Sun Dec 1 13:49:10 2013
    *filter
    :INPUT ACCEPT [1384:725715]
    :FORWARD ACCEPT [877:601931]
    :OUTPUT ACCEPT [1102:200985]
    -A FORWARD -i eth1 -j ACCEPT
    COMMIT
    # Completed on Sun Dec 1 13:49:10 2013

    You can grab the gist here. Save this into /etc/iptables.up.rules then create a file called /etc/network/if-pre-up.d/iptables that contains the following:

    #!/bin/bash
    /sbin/iptables-restore < /etc/iptables.up.rules

    Give it a good “sudo chmod +x /etc/network/if-pre-up.d/iptables” to make it executable and, if all has gone well, you’re done! You now have a Raspberry Pi that lets network traffic go in one end and emerge in Sweden. Kinda neat.

DIY abominations

I like to make a new Halloween decoration every year. One year it was corpsing a skeleton; another year I built a coffin; another time I made some big glowing papier mache spiders.

This year I decided I wanted some skulls. Goat skulls, ideally — dollar for dollar, I don’t think there’s a creepier skull out there. Probably it’s all the Doom 2 I played as a kid.

I posted an ad on Craigslist appealing to hunters and farmers for help with (ahem) a “theatrical production.” Eight days later I received a response. “Kyle” worked at Crazy K Goat Ranch, and he seemed to have a lot of skulls; we made plans to meet a few days later. I brought along Dave and Kriston to ensure that the encounter’s net flow of skulls went in the direction I expected.

It only took a moment to verify that Kyle was probably the K in “Crazy K”. He was certainly a strange guy. He seemed to live with his parents, and I’m not at all sure that the goat farming is a full-time occupation for him. But he was very nice to us, particularly since I happened to be wearing a Capitals t-shirt — Kyle was, too, and turned out to be a bit of an Alex Ovechkin super-fan.

$20 per skull is a steal, and we concluded our business quickly. Kyle sold me the skulls of a bunch of goats, an alpaca, a llama, and a pig that had (until recently) been giving him trouble. There is apparently some kind of solution he soaks them in to remove the soft tissue — it’s intensely unpleasant, I’m sure.

Anyway: I had some skulls.

skulls

me_and_skulls

A good start! But I wanted to do a little more. And hey: I’ve achieved pretty good results with creepy glowing eye sockets before. Let’s do some more of that.

The basics are pretty simple. The idea of an LED throwie is at least seven years old now (can that be right?) but it works as well as ever. Let’s pause for a brief interlude about sticking them all over the cube at Astor Place:

Nice.

Well, the gist is the same as always: the LED and the CR2032 battery are a lovely match. The CR2032’s 3 volts are enough to light up most LEDs. Better still, its internal resistance will prevent the LED from burning out immediately, even when used without a resistor. You can wedge a CR2032 between an LED’s leads and it will light up quite happily for hours! And hey, it turns out that these batteries aren’t even that terrible for the environment.

You can get all of these components very cheaply on eBay. Here are fifty red LEDs for $3; here are 20 CR2032s for a little more than $4. If you want to get fancy (and I did) you can get CR2032 holders for about fifty cents a pop.

Wiring the necessary circuit is dead-simple. I have a distinct memory of getting a small light bulb to illuminate from a battery in second grade; it was the first thing they taught us about electricity. This is no more complex, except that you might need to flip the LED around if you get the polarity wrong the first time. So, no need to belabor that. Also: it turns out hot glue guns work well on bone.

But for a few of the more frightening skulls I went a little further and added a circuit that turns the lights on only when the surrounding environment is dark. It’s a pretty useful technique for working with analog signals of any kind (I’ve also used it to trigger a light-sensor to activate a music box upon opening, for instance), so let’s go ahead and run through it.

We’ll need three things to make this happen. First, some way of sensing light — that much is obvious. Second, a way to define what our threshold for “dark enough” is. Third, a way to compare the two values and switch the LED circuit on.

Let’s start with the last one. I used an LM393 comparator, a common chip that looks like this:

LM393

It, too, can be found on eBay for pennies per unit.

The LM393 is very simple. It takes a reference voltage. It takes a comparison voltage. If the latter goes above the former, the chip will make an electrical connection between its output pin and ground, potentially completing a circuit and doing useful work.

The LM393 also looks like this:

comparator

That’s the schematic from its data sheet, mapping the chip’s 8 pins to their functions. Pins are numbered in counter-clockwise order, starting to the left of the chip’s top side, which is marked by a little notch or off-center circle (or, in the above photo, both). As you can see, there are actually two comparators built into the LM393; we’re only using one. For our purposes they’re electrically distinct, except for a shared ground and supply voltage (V+ in the diagram, though it’s more commonly called Vcc). The LM393 can run off anything from 2 to 36 volts.

So how do we arrange the reference and comparison voltages? It’s really simple, actually: we use a voltage divider. Picture it like this:

divider

Vin is our supply voltage — let’s say 10 volts. The horizontal triangular thingy at the bottom is ground. R1 and R2 are resistors connected to one another. At the top, it’s always gonna be 10 volts. At the bottom, it’ll always be zero. That’s axiomatically true. But what about in between the resistors, at Vout?

That depends on the values of R1 and R2 — or, really, the ratio between them. If they’re both 100 ohms, or 2500 ohms, or 5 million ohms, Vout will be 5 volts. If R1 is 25 ohms and R2 is 75 ohms, Vout will be 7.5 volts. If you flipped them, it would be 2.5 volts. It’s all pretty linear and straightforward (the Wikipedia voltage divider article will walk you through the math, if you’d like). Make sense?

So! Let’s set things up. Keep the battery out of the holder until you’re done, but pretend it’s in there — now we have a 3 volt V+ and a ground. Connect ‘em to the relevant pins on the LM393. Now take two resistors — doesn’t really matter what value, as long as they’re the same, but they should be a decently high value to avoid voltage drain — and connect them in series, bridging V+ and ground BUT, crucially, making a pit-stop in the middle at pin 5 (“non-inverting input B”). That pin will now be getting a reference voltage of 1.5 volts. If the voltage on pin 6 (“inverting input B”) goes above this value, pin 7 will be connected to ground. If not, not.

But what gets connected to pin 6? Well, seems like we need something that changes its value based on light. Easy enough! A photoresistor is just what it sounds like and is, again, cheap on eBay. They look like this:

photoresistor

That squiggle in the middle is made of a material that lowers its resistance as light hits it. Otherwise, this thing behaves just like a regular resistor. That means we can build a voltage divider with it, just like the one we connected to pin 5. What should we use for the other resistor in the voltage divider circuit, though?

We could just use a regular old resistor. But we’d have to be pretty careful about picking it, and it would lock us in to one particular level of darkness as our threshold value. That’s not a great idea, particularly since human senses respond to energy changes adaptively and logarithmically, while sensors do not.

It will be much better to use a variable resistor — a potentiometer. Back to eBay! These guys come in many different forms, but for this we can get away with a the teeny tiny ones that you adjust with a screwdriver (sometimes called “trim pots” or “trimmers”).

Picking the appropriate range for the potentiometer is important. We want something that will let us flirt with the half-of-V+ comparison voltage we already defined via the divider we built out of those first two resistors. In this case, that means getting out a multimeter and figuring out the range of your photoresistor. Test it in darkness; test it in daylight. Try to find a trim pot that can approximate this range of resistances, or at least one that can be adjusted to somewhere around the photoresistor’s value in slightly-too-bright-for-goat-skull-glowing conditions.

Now make a voltage divider with these two — it’ll be the same deal as before, just connected to a different pin. The photoresistor lives on the side of the circuit closer to ground. The trim pot lives on the side closer to V+. The junction between the two goes to pin 6.

Finally, connect the ground side of the LED leads to pin 7. This is the final schematic:

schematic

I did all of this in “deadbug” style:

deadbug

Now wait until it’s dark in the room and adjust the trim pot until the lights juuuust turn on. Voila!

10526396545_5ac3a77ed6

When it’s brighter, the circuit should turn off. You’ll want to fiddle with the placement of the photoresistor — I gave mine a little wire lead and ran it out to the edge of the skull. It doesn’t need to be in direct light, but obviously it does need to experience some change in lighting conditions, and the bigger those changes are the easier it will be to select and adjust your trim pot.

The batteries will experience some drain even when the LEDs are off, but the LM393 is designed to consume very little juice. The voltage dividers take a little bit of power, but hopefully you picked elements with adequately large resistive values. If your in-light resistor networks both amount to 10K ohms apiece, your total system will consume about 1 milliamp at rest. Not bad! At that load, a fresh CR2032 should last for about 200 hours (less if the LEDs are activated, of course).

The LM393 makes for a fun little project — a nice way to build a night-light, or clean up an input signal to an Arduino, or just have something to mess around with on a breadboard. If you flip the two input pins, it’ll become a light detector rather than a darkness detector. It’s useful for almost any variable-voltage measurement of the analog world. I originally bought these components for a project designed to use a thermistor to tell me when a cup of coffee was a pleasant temperature for drinking.

So, somewhat far afield from skulls. But the nice thing about this application is that there’s really no precedent for anyone getting upset about mixing electricity and illicitly-obtained body parts.

halloween 2013

Well, that was great. It’s been a few years since I’d been able to throw a proper Halloween party — the Fickeweens of yore formed the start of a proud tradition, but without a venue my various skeletons’, giant spiders’ and fog machines’ annual appearance was relegated to a fun-but-sadly-professional office open house.

But Annie and Ezra bought a new place this year and heroically stepped in to fill the void. And we had a great time! I put a bunch of the pictures here; the best are probably the ones I collected from Instagram. Sorry, people who still believe in copyright! Let me know if you’d like me to pull anything down; my interest is just in making sure this stuff gets saved. And if I missed anything that you think I should have here, let me know about that, too.

The quality of costumes was very, very high — I was particularly thrilled by Josh’s obscure Hellboy reference. But there were a ton of great efforts present.

10524626925_f75d4077f5_n

In a departure from my streak of dressing up as supervillains with romantic problems (which, to be fair, is most of them), I went as Mr. Fantastic. I wanted to concentrate on the party, and this was relatively easy to pull off — just (yet another set of) Under Armour and a layer of white duct tape on top of part of my Omni-Man costume.

People did get a kick out of the electroluminescent panel I used for the logo on my chest, though. Like everything else that is good in this world, you can buy this material from Chinese vendors on eBay — it comes in various sizes and colors. Attached to an inverter — which requires a meager 2 AA batteries — it’ll change from a pink to a cool white glow. Pretty neat! You can cut the material down, too, but bear in mind the delicate nature of the foil that makes the electrical connections. Adhesives and solder won’t work — you’re going to need to clamp your connections. I found that paper binder clips did a good job. Conductive paint or glue might work, but I didn’t have any on hand.

An even more important Halloween costume innovation: the duct tape smartphone pocket. Man, what a quality of life improvement. Highly recommended! Add a little adhesive velcro if you really want to class things up.

I made one for myself and one for Steph, too — she put together a great version of Debrie-from-Arrested-Development-as-Sue-Storm, making for what I think was a quite successful (if slightly textually complicated) couples costume.

Anyway! More on this year’s specific decorative efforts in a separate post. For now: many thanks to everyone who came out; to Annie and Ezra for opening their house to this stupid hobby of mine (and buying everyone beer!); and to Steph for putting up with my weird obsessiveness these past few weeks.

the shutdown was a bit too much fun

I should perhaps confess that on September 11 last, once I had experienced all the usual mammalian gamut of emotions, from rage to nausea, I also discovered that another sensation was contending for mastery. On examination, and to my own surprise and pleasure, it turned out be exhilaration. Here was the most frightful enemy–theocratic barbarism–in plain view… I realized that if the battle went on until the last day of my life, I would never get bored in prosecuting it to the utmost.

Christopher Hitchens made that ugly little confession. Today, safely on the other side of the government’s two week shutdown, I’m feeling a similar shame.

The embarrassing truth is that for those who work in and around politics, the shutdown was great. It was something to gossip about, write about, get indignant about. It was exciting! And it was good for business.

For the press, acknowledging this is easy enough: that discipline has had a lot of practice at explaining its responsibility to document travesties without averting them. Here’s Robert Costa making the transition from “guy who works with Jonah Goldberg” to “conservative press corp dean / less creepy reincarnation of Bob Novak.” He’s far from the only writer lamenting-the-shutdown-but-not-really:

The effect exists outside of the media. The shutdown was good to those of us who occuppy ourselves watchdogging the government. Here’s my friend Josh Tauberer, who runs GovTrack.us:

I can sympathize. Sunlight’s blog saw a modest 10% boost in traffic during the shutdown relative to the two weeks preceding it. But our iOS and Android mobile apps, which provide information about Congress, saw usage spikes of 186% and 195%, respectively. We don’t sell ads, but our funders care about those numbers. And I’ve probably fielded more press calls in the last two weeks than the preceding six months (admittedly, many of these have been about healthcare.gov’s failures, not Congress’s, but I think that’s still in the neighborhood of profiting from human misery).

Perhaps unsurprisingly, the people most responsible for the shutdown have benefited from its effects, too. We’re still tallying the latest quarterly numbers, but anecdotal reports indicate that the crisis helped people like Ted Cruz raise a lot of money. Fundraising emails from both parties latched onto the shutdown as a moneymaker right from the start.

I spent the final days of the shutdown at a conference in San Francisco, where I gossipped with a fellow traveler about a shared acquaintance’s new-ish cable news show, and how a shutdown-prompted ratings boost had taken it safely off the bubble. And Twitter analytics tell me that I went from an average of 12.7 tweets per day to a manic 17.8 during the shutdown! Oh, the fun that I had!

This wasn’t true for many people who depend on a federal paycheck. Although my girlfriend was glad enough to have a nasty deadline moved by the shutdown, when I callously referred to “workers being paid for sitting around doing nothing” on an internal office listserv, I invited several deservedly angry replies from the spouses of feds. My friend Dave is a Capitol Hill staffer; for him this episode has meant incredibly-longer-than-usual work days and the possibility of a nonsensical pay cut (staffers are already badly underpaid).

And this is to say nothing of the cancer patients who had to delay treatment, or the people on SNAP and WIC who faced the very real prospect of going hungry because of Washington’s preening.

It’s not that I think we should be ashamed, exactly. I’m genuinely proud of the work that I and my colleagues did during the shutdown. People wanted the information we provided. We think it’s important, and we’d have been fools not to respond to a sudden surge of public interest in the mission we pursue every day. I think that every non-legislator mentioned above should be proud of the work they did, too. I was disgusted by this crisis, and I said so, but I couldn’t stop it–none of us could.

But it’s worth owning up to the fact that the incentives within the D.C. media-nonprofit-industrial complex are terrible. S&P says this escapade wasted $24 billion. We have to stop doing this. Removing these processes from the realm of human theatrics, gossip and competition will be a necessary component of that change. Mostly, that means getting rid of the debt ceiling and electing better legislators. But part of it might also be about having less fun.