Older blog entries for apenwarr (starting at number 33)

Embed me some HTML, Please

I was sitting today, thinking how unfortunate it is that C/C++ don't have any string quoting operators other than double-quote. I mean, designers of all sorts of languages since then (perl, in the especially extreme case) have figured out that if you want to print double quotes, that's just no fun at all.

Then I realized I was wrong.

#define qq(s) #s

int main() { printf(qq(blah blah\n "quoted" stuff (and some parens) with newlines)); return 0; }

Try it. It works.

(Super)freeswan Super Sucks

...but the world is a better place thanks to ipsec_tunnel and patch that makes isakmpd work with it.

IPsec is a grotesque horror story which barely works and is too complicated to be provably secure. That's bad enough, but when crazy bad-quality programmers get into the picture, you get total nastiness - that is, Freeswan.

On the other hand, ipsec_tunnel is downright straightforward, but only because it skips the key negotiation stuff, expecting you to do it yourself. And isakmpd is actually pretty wonky, but only because it has to do a truly startlingly huge amount of complicated negotiation just to make things work out. I'm pretty sure they made it as configurable as they did just so you have to suffer a little bit, just like they did. But other than the big long boilerplate config file (containing words like "QM-ESP-3DES-SHA-PFS-SUITE"), the programmers are pretty certifiably Not Insane.

And after spending more hours today fighting with bugs in freeswan's pluto daemon, I could definitely use some of that.

Meanwhile, we're thinking of taking my age-old Tunnel Vision and making it use IPsec (ie. ipsec_tunnel, in this case) as the packet-transfer layer. That could have the major advantages of throwing out stupid horrible IKE, plus it would let you auto-negotiate routes like Tunnel Vision always does and IPsec never did. The ESP (tunnel) part of the IPsec standard isn't so bad; it's the key negotiation that sucks, so why not let SSL do it for me? Of course, it wouldn't really be IPsec-compatible then.

The other choice is to keep IKE and add a layer on top of that. The advantage there is that you can gracefully fall back to plain IPsec if the other guy doesn't have Tunnel Vision. But that solution makes me feel guilty, because then I'm just making a bad thing even worse. Oh well...

Meritocracy

Blech. Capitalism is just a fancy meritocracy, and look what you get. When the judges of merit aren't worthy of merit themselves, weird things happen.

And speaking of capitalism...

I've confirmed it. Spending money doesn't cause happiness, only earning it does. So if earning your money doesn't make you happy, then do something, quick: it's not getting any better from there.

Alas, poor Advogato...

If only you had had System ER. :)

But it's good to have it back. Otherwise I would have had to go through the probably trivial effort of installing NITLog, followed by the non-trivial effort of collecting and converting my previous diary entries, and the depressingly large effort of coming up with my own CSS stylesheet.

25 May 2004 (updated 25 May 2004 at 01:09 UTC) »
Corporate Morality

Okay, so everyone at work is talking about The Corporation lately, so, as the local representative of the local corporation, I might as well throw in my two cents.

There are two important things to understand about this documentary. First, it offers no evidence for any of its claims; its examples are standalone examples, easily countered by hundreds of examples of non-evil corporations that didn't do any of those things. Of course, the movie doesn't claim to be making claims; it's offering facts. It's just that they expect you to make certain conclusions from their set of facts, and you shouldn't, because there is no logical way to get from those facts to those conclusions. A implies B, but that doesn't mean that whenever B is true, A is true. Don't be confused! So my first point is that this movie is deliberately controversial in order to encourage conversation. You can't learn anything useful from the documentary itself, only from the conversations it causes.

Secondly, they horribly confuse morality and legality. The two are related, but not the same. Corporations are "people" from the point of view of the law; the "owners" of corporations are legally protected (for certain purposes), because the corporation takes the legal blame. Okay, yes, and there are lots of good reasons for this. But people take this one step further, and say that corporations are immoral or amoral because they (and their owners) don't have to take responsibility for their actions.

Wow! Stop! If I'm running a company, and my company does something against my moral standards, then I take moral responsibility. Morality isn't about punishment; it's about my conscience. I will (or should) feel just as bad whether I do something evil or whether I paid someone to do something evil at my request. If people running companies are immoral, don't blame the companies; blame the people.

As a person, I can do lots of immoral things that aren't legally punishable. These are the exact same things that corporations can do without being punished. On the other hand, if a corporation does illegal things, it can be sued, fined, imprisoned (legal sanctions), or put to death (shut down) - just like me.

Lots of corporations do lots of evil things, but don't be blinded into thinking this happens because of some unrelated laws that treat corporations like people. Corporations do evil things for exactly one reason - they're run by evil people. Fix the people, and you'll fix the corporations. Or make enforceable laws about specific evil things, and the corporations, like people, will have to comply.

19 May 2004 (updated 25 May 2004 at 01:09 UTC) »
Indirection

This weekend I was going somewhere Southwest of my apartment, so when I left my apartment, I started by going East.

Well, I wasn't in that big of a hurry.

I only went one block East, then I turned South, walked down that way, and went West to get to my destination.

The thing that interested me about this was when I realized I had never travelled that route before - the street one block East of my apartment is pretty nice, but I never use it. Everywhere I want to go is always to the West. I've tried pretty much all the routes that involve travelling "strictly non-East", but this time I got to see a lot of different, interesting things, just by allowing my path to stray a little bit.

I do have the tendency to overoptimize my travelling. I suppose most people do. This is why we need NonDirectionalFridays at work - although we often neglect them. That's dangerous, because it limits our perspective.

5 May 2004 (updated 25 May 2004 at 00:50 UTC) »
Que Sera, Sera

I've had the song Que Sera, Sera stuck in my head for days now. It's a nice, relaxing, relatively happy song, but it's actually terribly misleading. Whatever will be, will be? That's so depressing, and it's a self-fulfilling prophecy if you believe it. Who says it will be? jnc might blame Tao, but I'm not so sure.

Full Disclosure

I figured out the moral dilemma presented by my last post: what, specifically, makes People Hacking seem so icky?

The answer is that I didn't actually lie about anything (the only exception being that I didn't really find the contrast very interesting, but that's pretty minor) - but I didn't exactly tell the whole truth either. I let someone believe what they wanted, even though I could have told them the real truth instead. That's really akin to lying, and it's Generally Not Okay, particularly if you're good at it.

The right way to deal with people is to tell them not just the truth, but the whole truth, so they can make informed decisions of their own. Although nobody can ever present things in a truly objective way, it's pretty bad not to make your best effort at it. (There appears to be an exception to this rule, however, with questions of the form, "Does xxx make me look fat?")

So, in the interests of full disclosure, I should say something important about one of my previous entries. Several people have corrected me: it seems that Germans did not, in fact, invent tanks. They invented good tanks, which is not the same thing.

3 May 2004 (updated 21 Mar 2007 at 17:47 UTC) »
People Hacking

This weekend, me and a few friends went to see a short film. It was a pretty good film, but that's not the point of this story. After the (free) film screening, there was free wine and sushi for all comers, because it turned out that this was the first ever showing of the first ever film by this particular director, who was also the main actress in the film. Neat.

I stood around for a while among the wine-drinking sushi-eating people, which included my friends, and eavesdropped on some conversations. The director, meanwhile, was drifting between groups, asking people what they thought about the film. I noticed that she replied to almost every compliment by complaining about the contrast - it wasn't how it looked in the pre-screening; she couldn't decide if it was her own fault or if it was something fixable on the projector. I, of course, hadn't noticed anything about the contrast, which seemed fine to me, insofar as whites were mostly distinguishable from blacks.

Me and my friends also discussed some other things we noticed in the film, such as the colour, the use of different imagery, and so on. The film meant different things to different people, which is normal in an artsy film like this. I memorized some of those things.

Eventually, I gathered up the courage to greet her myself. I started: "Hi, nice to meet you. I thought your film was really good - but I found the contrast particularly interesting. Did you do it that way on purpose?" Well, that certainly got her attention. I then tried out some of the post-analysis I had gathered from my friends, and I could tell she was pretty impressed. I knew this because she asked, "Are you studying film?" "No, I'm a computer engineer." "Wow, well, you're certainly observant. Most of the people here just give me empty compliments and tell me how nice it was, but you really have an eye for detail."

I'm not, of course, particularly observant, and I still don't know anything about contrast. The point of this story is that I don't have to. I do know about other things, and I learn more every day - and against my will, the sum of this knowledge gives me the ability to lead, mislead, encourage, discourage, all by putting the right words and actions in the right places. I used to avoid people and play with computers because they were so predictable, while people were incomprehensible. I'm always disillusioned to find out that people can be understood and controlled just as easily. And it's much easier than programming, actually. Perhaps that's the saddest thing of all.

While you weren't looking, Javascript became a real programming language

Prototype-based object-orientation, component interfaces, first-class regexes and iterators, anonymous functions, a built-in HTML parser and streaming multi-connection, asynchronous HTTP retriever, an event-based programming model, and a built-in standards-compliant UI library (ie. the web browser). Not to mention a worldwide repository of open-source sample programs.

If you're like me, everything you think you know about Javascript is wrong. Last week I spent a few days actually reading through the latest relevant standards (HTML4, CSS2, DOM2, Javascript 1.5) and writing some test programs ("html pages") to try them out. I discovered two amazing things:

- IE 5.5, Mozilla 1.5, and Konqueror 3.1 all mostly comply with all three standards. There is a common useful subset of those standards supported just fine, without random variations, by all three browsers. (Give up on Netscape 4 support. It's stupid. Nobody uses it anymore. If they do, just send the losers home.) By the way, Javascript is implemented just fine in all browsers. All real-life problems are mistakes in implementing CSS2 or DOM2, not Javascript itself.

- You can write useful programs using Javascript and DOM2, and those programs aren't even ugly anymore. Really! I mean, you can say things like "document.forms.myform.mybutton.background = 'blue'", and you can pass buttons, forms, tables, rows, columns, or anchors into functions or objects that do things to them. How much more sensible can you be?

In the process of my testing, I wrote a function that easily sorts any HTML table by any column you click on, another function that automatically applies alternating CSS styles to alternating rows in all tables in your document, and another one that retrieves an HTML file, parses all URLs from its content, and dumps those into a listbox. It took a bit of work to "discover" the subset of DOM2/CSS2 that is supported by all browsers, but in the end I didn't need *any* weird browser-specific conditionals to make it work. You hear me? None!

Kudos to Microsoft

Congratulations to Microsoft, by the way, for getting more than 80% of the people in the world to use IE 5.5 and higher, and thereby nearly eliminating the need to support any non-DOM2/CSS2 browser. Microsoft may or may not have gotten their browser share by being evil - but they got people to *upgrade* their browsers by being amazingly good. IE 6.0 isn't noticeably slower than IE 4, it runs on Win98 and later (and I think IE 5.5 works in Win95, even), and upgrades are free. Those things put together mean that we can have what Mozilla promised but never delivered - a world in which everyone of interest is running a standards-compliant web browser.

CSS is designed by idiots

While Javascript and DOM2 are works of genius, I have nothing at all good to say about CSS. Without going into too much detail, I'll say that the following is an extension, added in CSS3 (yes, version 3.0 of CSS, which nobody supports yet) to allow odd-numbered rows to have a different style than even-numbered rows:

tr:nth-child(odd) { /* stuff */ }
tr:nth-child(even) { /* other stuff */ }

That's right. CSS is so bad at representing what it wants to represent that it needs a *special extension* just to be able to identify even/odd rows. Javascript is simple, easy, scriptable, and because of the lousy tag-matching model, more browser CPU time is spend rendering CSS2 than running Javascript that does the same thing. Somebody deserves to be shot.

Holistic Management

As I learn again every day, the art of management is not really about telling people what to do. It's about making people think the way you want, so that they automatically do the right thing without even consulting you about it. A little nudge here, a little nudge there. Politics, I guess, is even more subtle.

And then one day, you notice that big parts of the world are doing exactly what you want without you nudging them first, and it starts to seem a little suspicious. Who, exactly, is the one being managed?

24 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!