How to build the perfect man bun

Note: this is not to be confused with how to build the perfect man buns, which is an entirely separate topic and not one I will be addressing any time soon in this blog.

  1. Grow your hair out to at least 10 inches in length. This may take you a while. Any length above this is also fine.
  2. Wash your hair. Yes, this really does matter. Any shampoo will do, but do not use conditioner or a shampoo+conditioner combined product - you don't want smooth conditioned hair.
  3. Blow dry hair, thoroughly. Comb out so that it is moderately straight. Don't add any styling product.
  4. Obtain a pair of hairdressing scissors, either new or well sharpened.
  5. Visit any workplace with large rotating machinery.
  6. Holding the scissors firmly, carefully lower the end of your hair into the rotating machinery. Once it obtains a grip, frantically shear away at your trapped hair with the scissors until your head is free.

The net effect should be a lifelong aversion to having long hair at all, let alone a man bun.


ISIS and the matriarchy

Dilbert cartoonist Scott Adams has stuck his oar into a conjunction of the current fiery discussions around a) the treatment of women in the workplace and b) how to handle ISIS with a blog article titled, discretely, Global Gender War:

Now compare our matriarchy (that we pretend is a patriarchy) with the situation in DAESH[ISIS]-held territory. That’s what a male-dominated society looks like. It isn’t pretty. The top-ranked men have multiple wives and the low-ranked men either have no access to women, or they have sex with captured slaves.

There's no way this could possibly be controversial, amirite?

Adams has started a new blog series today on the question "Is the United States a Patriarchy or a Matriarchy?" where his evidence for "Matriarchy" is moderately compelling so far: "Women have the most political power in the United States because more women than men vote". True, we haven't had a female President yet, but it's not obvious that this is because they're being discriminated against. Personally, I'm astonished that Hillary Clinton has got as far as she has given all the shenanigans she has been involved in, which would have torpedoed any other candidate's aspirations before starting, and how astonishingly un-gregarious and un-likeable she is.

Anybody remember Democrat hopeful Gary Hart in the 1988 campaign? Sunk without trace by an accusation of marital infidelity. Michael Dukakis who eventually became the nominee? Lost mostly because of an insufficiently warm personality. Hillary should have sunk without trace by now, and the fact that she's still the Democrat front-runner by far is a sign of how much leeway the population - and the media - is giving her. One can only surmise that it's because she is a woman.

Returning to Adams' original article, he points out that the gender pay gap in the USA doesn't really exist - as the estimable Tim Worstall has pointed out time and time again with respect to the UK, which (if anything) is more traditional than the USA. He addresses the assertion that women are interrupted more in meetings by pointing out that people who talk more are more likely to be interrupted, and while this is not a slam-dunk answer it's at least a point that suggests a need for more analysis. He also points out the strong societal push to give sanctuary to women and children from Syria, as opposed to young single men.

It's quite possible that Adams is completely wrong and that women are systematically discriminated against in the USA, but it's not obviously false.

Anyway, the point of the article is to contrast the USA against the vast majority of Middle East states which are indisputable patriarchies - really, would anyone like to argue the opposite? - and to hypothesize that one way that the Daesh/ISIS leadership are controlling their low-level followers is to restrict their access to good nookie on Earth with the promise of wonderful nookie in Heaven if they blow themselves up in the right place, with appropriate Koranic citations to back this up. Again, Adams' thesis is not obviously wrong. These men seem to have significant "issues" with women and something is motivating them to suicide, while the harems for their leadership are a matter of record.

If you're in any doubt about the position of Western women in the Middle East, read the travel guidance for women in Saudi Arabia:

- Women traveling alone are not allowed to enter the country unless they will be met at the airport by a husband, a sponsor or male relative.
- Women relocating to Saudi Arabia to marry, study or stay with a Saudi family need to be aware that leaving the country requires the permission of the Saudi male head of their household.

So if the hormone-crazed late-teen ISIS recruits can't get access to women because of the restrictions that their leadership imposes, Adams' assertion that he as a teenager in the same position would gladly strap on explosives to get access to the forbidden fruit is not obviously insane. Deliberately provocative, yes. But can those piling on Adams provide a more plausible explanation of the current suicide bombers' motivation?


The logistics of de-immigration

Eminent social justice activist Shaun King raises a pertinent point on the current topic (in the sphere of the US presidential candidate selection process) of what to do with the "immigrants of dubious legality" in the USA:

This is, as several people has observed, quite a hard problem.

The first problem you have is finding the immigrants, and this is probably the killer. You've got 360M people in the USA, illegal immigrants are 10M-20M in number by various estimates, so for every 1000 illegals found you have to trawl (naively) about 20,000 legal citizens - and at 450K illegals/month constant rate you're looking at 2 years to remove nearly everyone. So every month you need to annoy 9M legal residents at some level in order to meet your quota. As immigrant numbers fall, that number of recently annoyed legal residents will rise. You'll start with unobtrusive measures, but as time goes on you'll need to get more and more intrusive - and most of the annoyed legal residents are citizens, and can vote against representatives who are supporting this measure.

Then you need to make them leave the country. Detention is expensive, ask anybody in the Federal Bureau of Prisons - average is about $100/day and that assumes amortizing entry and exit costs over many months. The sooner you can export them, the better. You need to fund daily 1-way flights from a wide range of cities to the dominant countries of residence of illegal immigrants: Mexico (obviously), major nations in Central/South America, and Pakistan/India/Bangladesh. The immigrants won't be paying for this - they'd rather pass their US$ to legal resident friends and rely on that largesse being transmitted to their home country for later pick-up, at a generous margin. So the US government will be implicitly boosting illegal financial transactions as a result. Occupancy rate on those planes is going to be highly variable. Assuming average occupancy of an evacuation plane at 50% - realistically, you can't fill them with paying passengers, ask anyone in the UK - that $700 is a reasonable round trip fare to Latin America, and noting that the return journey will need to be empty (don't even think about eating the profit margins of existing airlines, there's no way this turns out well) you're spending about $700M/month just on the export. This assumes zero cost on detention and transport to the airport, which is "optimistic".

What's the end run around this? Make the illegals deport themselves. Illegal immigrants come to the USA to work and earn money for their family, with the (faint) hope that they can eventually stay. This might occur by having a baby in the USA who will be a US citizen, and applying for residency on compassionate grounds; alternatively they might eventually find an employer willing to sponsor them. So remove that attraction. There are definite areas of employment for illegal immigrants; it depends on the region, but generally agriculture (crop picking), daily manual labour and domestic service are the top areas. Focus tax audits on those areas, reduce the marginal cost of legal labor (e.g. by increasing the deductability of costs associated with a provably legal labourer) and watch the illegal employment rate plummet.

This isn't a free ride - the government will still need to fund the free no-questions-asked one-way flights home, but if they really want to make this happen then it's probably the cheapest way to achieve the goal. With no income, and easy access to return journeys to one's home country, the labour problem will mostly fix itself.

Of course, this reduces the government benefit of illegal employment - is an incumbent administration willing to forego all the income from illegal activity?


Go easy on the tea, Lewis

Mercedes F1 racing top talent Lewis Hamilton may be well advised to steer clear of cups of tea for a while after soaking Vlad Putin's suit in champagne.

It's possible that Putin will take this in the humourous way it was intended, but if I were Lewis I'd be looking around for a watch with a built-in Geiger counter.


The Silicon Valley Diversity Shitstorm

Talk about putting the cat among the pigeons. Journo Brian S. Hall wrote a short article about diversity in Silicon Valley: specifically "There Is No Diversity Crisis In Silicon Valley". It turns out to have been slightly controversial, as you can tell when you visit the original Forbes post:

The piece previously at this URL, titled "There Is No Diversity Crisis In Silicon Valley," published on 10/5/2015 [5th October 2015 for anyone using a sane date format], was deemed to have violated our Terms of Service and was removed.
Well, that's odd. What did it say? What could have violated the ToS?

Luckily, we can now read the original article on Brian's own site. An excerpt:

Silicon Valley doesn't just create greatness, it's probably the most open, welcoming, meritocratic-based region on the planet. Anecdotal evidence strongly suggests that disproportionately more Chinese, Indians, and LGBQT succeed in Silicon Valley than just about any place in America. Guess what? Everyone earned their job because of their big brains and ability to contribute.
The piece, to be fair, was rather heavy on anecdote. However in the ensuing Twitter blitzkreig there was some actual data posted including an illustrative stat on student study and degree achievements in STEM subjects which showed pretty clearly that white, Hispanic and black enroll in STEM programmes at about the same rate, but that the white students are disproportionately more successful in actually obtaining a degree. Asian students - of course! - enroll at twice the rate and obtain a degree disproportionately more often. So if you view a STEM degree as somewhat important in a Silicon Valley career then it's not entirely surprising that the ethnic makeup in SV correlates with those stats.

Anecdotally, Hall's assertions on race and LGBTQ seem about right to me, though I think he's missed a few letters off the latter term. The native Californians and other white Americans are distinctly in the numerical minority, and even obvious LGBTQ engineers are relatively plentiful. I also liked Hall's dig at the humanities as a contrast to "computer programming, engineering, chemistry — hard subjects that demand hard work", remembering the geography and history students lounging around after a couple of Finals exams early in the last semester after putting in a few strenuous 10-12 hour weeks, while the maths, physics and engineering students were still sweating away with 50 hour weeks revising for a series of painfully hard and objectively marked exams right at the end of the semester.

I'd probably take some issue with Hall's assertion that "Everyone earned their job because of their big brains and ability to contribute" - the latter is more aspirational than fact, SV hiring like anywhere else still has problems trying to determine whether someone who's obviously smart can actually be productive, and screws up that assessment reasonably frequently, but the basic idea is there. A SV company that does any discrimination other than by ability to do the job is going to shut off some of its source of talent, and in a hugely competitive hiring market that's a pretty dumb play.

Hall subsequently doubled down with the tweet

It's worth noting that Google CEO Pichai came from a poor family in India and rose based on brutal merit. Though he had problems with the humanities in school:
He was a brilliant student but his geography and history used to let him down so he was never top of the year.
That's probably what annoyed all the humanities graduates who piled onto Hall on Twitter... Although it's a little tricky to argue for a glass ceiling for minorities in SV given the above facts, it didn't seem to stop a lot of people from trying.

SV still has recruiting and retention problems, and I'd call out the experience of women in particular - the tendency of male engineers to act like baboons is off-putting to any women engineers who want to be something other than male engineers with a slightly different placement of genitals. But I don't find anything particularly jarring, scandalous or untrue in Hall's piece, so I wonder why exactly Forbes decided to withdraw it under pressure. If it wasn't pulled because of falsehoods, was it pulled because it was too true?


Some illegals more equal than others - California edition

In a conversation at work today, a colleague mentioned that her Iceland-born spouse needed someone to go with him to the local branch of the California Department of Motor Vehicles (aka the First Circle of Hell) because he had to take a test. There was widespread surprise at this - didn't he have a valid licence from another country, and wasn't this OK? Yes he did, and no it wasn't; as of 15th May, the California DMV will no longer issue temporary driving licences when you pass their written test.

For context on why this matters: for foreign citizens, when you move to California and become resident (paying rent / utility bills locally) you're required to get a driving licence within 10 days of this event if you want to continue driving in California. Up until May, this was straight forward: you went to the DMV, took their written tests - tedious but not too hard - then booked a practical test and in return got a temporary driving licence that you could renew if the test got postponed. The practical test took 1-3 weeks to reserve a reasonable slot until recently, but this year's announcement that certain immigrants didn't have to prove any legal residence status has caused a huge rush of applications and backlog of tests.

Now that foreign citizens don't get the temporary licence, they can't drive unaccompanied from day 11 of their residency until the date that they pass the (admittedly easy) driving test. Sounds like a bit of a regression, so what's going on?

Let's look at the requirements for California DMV form AB60 guidelines on proving identity if you're not already a Californian:

Foreign Document that is valid, approved by the Department of Motor Vehicles (DMV) and electronically verified by DMV with the country of origin:
  • Mexican Federal Electoral Card (Instituto Federal Electoral (IFE) Credencial para Votar – 2013 version)
  • Mexican Passport (issued in 2008 or later and includes digital photo and digital signature)
  • Mexican Consular Card (Matricula Consular – 2006 and 2014 versions)
  • Foreign Passport that is valid and approved by DMV (see page 4 & 5 for list of DMV approved passports). The customer must also provide his/her social security number (SSN) that is electronically verifiable with the Social Security Administration.

Well, that's tough luck if you're an illegal immigrant (i.e. not able to get a legit Social Security number because you're not a legal resident) and not Mexican, right? Luckily there's an alternative if you have a foreign passport but not an SSN: if you have one of the following then you're OK:
  • Argentinian Identification Card (Documento Nacional de Identidad (DNI) – 2009 or 2012 version)
  • Brazilian Consular Card (Carteira de Matricula Consular – 2010 version)
  • Chilean Identification Card (Cedula de Identidad – 2013 version)
  • Colombian Consular Card (Consular Registration – 2015 version)
  • Ecuadorian National Identification Card (Cedula de Ciudadania – 2006 or 2009 version)
  • Ecuadorian Consular Card (Tarjeta De Identification Consular – 2015 version)
  • El Salvadorian Identification Card (Documento Unico de Identidad (DUI) – 2010 version)
  • Guatemalan National Identification Card (Documento Personal de Identificacion (DPI) – 2012 version)
  • Guatemalan Consular Card (Tarjeta de Identificacion Consular – 2002 version)
  • Peruvian Identification Card (Documento Nacional de Identidad (DNI) – 2005 version)
Or you can show another foreign passport: so if you're a dual national then by my reading, you're sorted. Other than that, if you're not from Central/South America and don't have legal residence then you're pretty much sunk. Yay for the major South American nations, except Venezuela or Uruguay, but boo for anyone else.

To recap: if you're an illegal immigrant then you don't really care about driving illegally in the short term. But long term it could be a problem, which is why California has the above AB60 guidance about handing out driving licenses. If you're from Central/South America then they have you covered, otherwise they really don't seem to care. It's perfectly fine for a country to be antagonistic to illegal aliens (that's me struck off Shahid Haque-Hausrath's Christmas card list) but to be arbitrarily receptive to citizens of some countries and not others smacks of, oh I don't know, naked political favouritism?

And now legal immigrants will find it substantially harder to comply with the laws of the state that they're living in - and paying taxes to. Nice one, California.


Ideas that seem attractive but are corporate suicide

A huge loss for popular entertainment when Amazon successfully lured "Top Gear" hosts Clarkson, Hammond and May from the BBC: Apple were trying to hire them too:

Apple is said to have made an unprecedented bid to secure the stars of “Top Gear” when they exited their BBC series earlier this year. But Amazon ended up winning the bidding war for Jeremy Clarkson, James May and Richard Hammond in July.
Can you imagine that? Apple, headquartered in the terminally hip and politically correct city of Cupertino in California, recruiting Mr. Jeremy "Jezza" Clarkson, famous for such quotes as:
  • It's very fast and very, very loud. And then in the corners it will get its tail out more readily than George Michael
  • The problem is that television executives have got it into their heads that if one presenter on a show is a blond-haired, blue-eyed heterosexual boy, the other must be a black Muslim lesbian.
  • Britain's nuclear submarines have been deemed unsafe... probably because they don't have wheel-chair access.
being employed by Apple? Within one week the Apple PR and HR departments would have a "CLARKSON" page, printed on bright red paper bordered with exclamation marks, on the front page of their operational playbooks. The only potential upside for Apple is that Tim Cook, Apple's openly gay CEO, would know with a high degree of certainty what would take up 90% of the allocated time in media interviews, and he's probably got the self assurance to handle it in a relaxed manner - I'm sure he'd rather be asked about Clarkson than about working conditions in Apple's Chinese factories.

It's a crying shame that Amazon, headed by the Dread Pirate Bezos, won the bidding war. When Jezza goes on his next rant to terminally offend half the Western World (and about 0.1% of the rest of the world, who have more pressing and immediate concerns for their welfare than the spoutings of Clarkson), Bezos won't even raise an eyebrow; I can assure you that he doesn't give a bodily functional about the squeals of the masses, as long as Clarkson continues to rake in the dough.


Save the US Postal Service offices!

This is a corker. Today, while wandering past a Staples store in the South Bay I saw a bunch of people outside waving protest signs. Upon closer examination this turned out to be Stop Staples!, a campaign by the American Postal Workers Union (motto "Don't mention Seinfeld"). Staples is the same kind of store in the USA as it is in the UK, providing all kinds of stationery and office supplies. Since late 2013 the US Postal Service has been running a trial program with post office counters in Staples stores, staffed by Staples workers rather than APWU-unionized US Postal Service employees. Hence the protest. The APWU seems rather concerned that the trial program is about to expand.

Reading the AWPU background briefing on the protest is illuminating and amusing in roughly equal measures for anyone who has ever spent time in a US post office:

"Staples and USPS management are perpetrating a fraud on the people of this country," says APWU President Mark Dimondstein. "They are promoting the deal as though taking your mail to Staples is the same as taking it to the Post Office. "It’s not."
He's right, you know. If I go to Staples to make a purchase at the postal counter then I can reasonably expect to be in and out in ten minutes. For the regular post office - once I can find it and get a parking space - I'm budgeting a full hour and bringing a book.
Staples' low-paid, high-turnover employees get just four hours of "classroom" training for postal retail duties.
I don't know about "low-paid". In California they're subject to the state minimum wage which is $9/hour now and $10/hour from January 1st, and there seems to be a thriving demand for competent retail employees. And if the US Postal Service is paying as much as McDonald's for most of their counter staff, they - or rather, the US taxpayer who's funding them - are getting a really bad deal.
Postal workers must pass a test before they are considered qualified to work the window
I can only imagine that it involves the examiner locating a pulse on the worker, with a generous margin for error.

What this is about, of course, is that the APWU is terrified of its membership shrinking, and the associated contributions to the existing retirement plans falling. The USPS retirement plan (healthcare and pensions) funding is in a horrendously bad state as it is, and shrinking the operations, staffing and funding of the USPS will make this situation even clearer, the gap harder to plug, and the public less inclined to back additional federal spending to fill the hole. "Why do I care about the local post office? I go to Staples when I want to post something." The USPS is going to be left with just local letter delivery after Fedex and UPS takes the profitable parcel delivery, and the bulk of those letters are junk mail that the USPS loves for the money and the recipients hate for the spam.

Amusingly, around midday the protestors all left en masse. Presumably they were on their lunch break, a staple feature of US post offices in my experience. As soon as the lunchtime queues start to build up, the counter staff react by closing several of the open counters and wandering off, presumably to have a leisurely lunch. If they've got any eye to the future, I hope they're dusting off their resumés and looking to move to a counter position at Staples before the rush.

Let me quote the APWU leaflet again, in closing:

During the first quarter of Fiscal Year 2014 the USPS enjoyed an operating surplus of $765 million. But the agency’s good news was buried in most media accounts, which said the USPS suffered a loss of $354 million loss. The USPS reported losses for the first quarter of 2014 for one reason – the congressional mandate that requires the Postal Service to pre-fund healthcare benefits for future retirees.
Indeed, damn Congress for insisting that government businesses track their accumulated liabilities as well as their income...


The BBC asks "do people become more prejudiced as they age?"


Psychologists used to believe that greater prejudice among older adults was due to the fact that older people grew up in less egalitarian times. In contrast to this view, we have gathered evidence that normal changes to the brain in late adulthood can lead to greater prejudice among older adults.
There are certainly normal changes to the brain. We call that "life".

Old people have experienced more of life than when they're young, so they have more facts at their disposal to make judgements.

This isn't prejudice. It's postjudice. So the BBC approach of venerating the young and disapproving of the attitudes of older generations is precisely the wrong way around.


The spectacular kind of hardware failure

Gentle reader, I have attempted several times to pen my thoughts on the epic hack of the US Office of Personnel Management that compromised the security information of pretty much everyone who works for the US government, but I keep losing my vision and hearing a ringing in my ears when I try to do so. So I turn to a lesser-known and differently-awesome fail: the US visa system.

Since a computer failure on the 26th of May - over three weeks ago - the US embassies and consulates worldwide have been basically unable to issue new visas except in very limited circumstances. You haven't heard much about this because it hasn't really affected most US citizens, but believe me it's still a big issue. It seems that they're not expecting the system to be working again until next week at the earliest. Estimates of impacted users are on the order of 200,000-500,000; many people are stuck overseas, unable to return to the USA until their visa renewal is processed.

What happened? The US Department of State has a FAQ but it is fairly bland, just referring to "technical problems with our visa systems" and noting "this is a hardware failure, and we are working to restore system functions".

So a hardware failure took out nearly the entire system for a month. The most common cause of this kind of failure is a large storage system - either a mechanical failure that prevents access to all the data you wrote on the disks, or a software error that deleted or overwrote most of the data on there. This, of course, is why we have backups - once you discover the problem, you replace the drive (if broken) and then restore your backed up data from the last known good state. You might then have to apply patches on top to cover data that was written after the backup, but the first step should get you 90%+ of the way there. Of course, this assumes that you have backups and that you are regularly doing test restores to confirm that what you're backing up is still usable.

The alternative failure is of a relatively large machine. If you're running something comparable to the largest databases in the world you're going to be using relatively custom hardware. If it goes "foom", e.g. because its motherboard melts, you're completely stuck until an engineer can come over with the replacement part and fix it. If the part is not replaceable, you're going to have to buy an entirely new machine - and move the old one out, and install the new one, and test it, and hook it up to the existing storage, and run qualification checks... But this should still be on the order of 1 week.

A clue comes from a report of the State Department:

"More than 100 engineers from the government and the private sector [my emphasis] are working around the clock on the problem, said John Kirby, State Department spokesman, at a briefing on Wednesday.
You can't use 100 engineers to replace a piece of hardware. They simply won't fit in your server room. This smells for all the world like a mechanical or software failure affecting a storage system where the data has actually been lost. My money is on backups that weren't actually backing up data, or backing it up in a form that needed substantial manual intervention to restore, e.g. a corrupted database index file which would need every single piece of data to be reindexed. Since they've roped in private sector engineers, they're likely from whoever supplied the hardware in question: Oracle or IBM, at a guess.

The US Visa Office issues around 10 million non-immigrant visas per year, which are fairly simple, and about 500,000 immigrant visas per year which are a lot more involved with photos, other biometrics, large forms and legal papers. Say one of the latter takes up 100MB (a hi-res photo is about 5MB) and one of the former takes up 5MB; then that's a total of about 100TB per year. That's a lot of data to process, particularly if you have to build a verification system from scratch.

I'd love to see a report on this from the Government Accountability Office when the dust settles, but fear that the private sector company concerned will put pressure on to keep the report locked up tight "for reasons of commercial confidentiality and government security". My arse.


Courageous journalism at the BBC

I kid, obviously. When describing the current controversy over the Washington D.C. Metro refusing to take any "issue-oriented" adverts until next year just so that they can avoid showing the prize-winning "Draw Mohammed" cartoon, the BBC resorts to words rather than a picture to describe the salient image.

The advert calls for Americans to support free speech and features a bearded, turban-wearing Muhammad waving a sword and shouting: "You can't draw me!"
In reply, a cartoon bubble portrays an artist grasping a pencil and saying: "That's why I draw you."
How odd, you would have thought that they would have included an image of the cartoon rather than laboriously describe its contents.

Just to make the point, here's the image in question:

The spineless BBC writer isn't shy of displaying their orientation towards issues:

Ms Geller insists the cartoon is a "political opinion" which does not contain any violence.
Ms Geller is of course correct. There's no violence in that picture: the gentleman depicted is holding a sword, but that's as far as it goes. Yet the writer takes particular care to use reported speech and quotes, presumably to demonstrate that he or she is emphatically not in sympathy with Ms Geller or (mysteriously unnamed in the article) artist Bosch Fawstin.

Deary me. Truely, the BBC has resigned from actual journalism in order to be at the back of the line when crocodile feeding time comes around.

I'm really not keen on Pamela Gellar, but the rest of the world seems to be bending over backwards to make her admittedly extreme opinions seem really quite rational and reasonable. And we are surprised when Muslim extremism is emboldened by this obvious cowardice?


Delays are good for you - the MTA proves it

No, really, they do. New York's Metropolitan Transit Authority (something like Transport for London) has produced an outstanding video that shows why making some subway trains late makes others less late:

Yes, the idea is that sometimes delaying a train can prevent further delays by not compounding the gap between trains. Anyone who has waited impatiently on a hot subway platform might find this concept counterintuitive, but transportation experts generally agree that that the evenness of service is as crucial as avoiding individual delays.
The MTA video makes a compelling case. The key insight is that once a platform gets crowded enough, due to constant feed of new passengers and a delayed train, it becomes slower for the next train to debark and embark passengers. So an already delayed train gets more delayed as it progresses down the line. The solution? Spot a train that's getting near the critical delay time and give it priority to progress through the network even if this involves delaying other (less delayed trains).

It's a great example that, even in what we regard as relatively simple systems, there can be a complex interplay between entities that produce highly unintuitive results. Deliberately delaying trains can actually be good for the system as a whole (if not for the passengers sitting in the delayed train with their faces pressed into a fellow passenger's unwashed armpit).


You should care about moving to HTTPS

Eric Mill's "We're Deprecating HTTP and it's going to be okay" is a must-read call-to-arms for everyone with a site on the Internet, explaining why the transition from unencrypted web traffic (HTTP) to encrypted (HTTPS) is actually fundamental to the future existence of the democratic web-as-we-know it.

For the 90% of my reading audience who are already saying "Bored now!" here's why it matters to you. Sir Tim Berners-Lee invented HTTP (the language of communication between web browser and web server) in CERN, a European haven of free thought, trust and international co-operation. The 1930s idea that "Gentlemen do not read each other's mail" was - surprisingly, given the history of cryptographic war in WW2 - fundamental to HTTP; messages might have transited systems owned by several different groups, but none of them would have thought to copy the messages passing through their system, let alone amend them.

This worked fine as long as no-one was interested in the communication of harmless nerds about their hobbies, much as the government-owned Royal Mail doesn't bother to copy the contents of postcards passing through their sorting offices because they only contain inane drivel about sun, sea and sand. However, once people realized that they could communicate freely about their occasionally subversive ideas across borders and continents, and financial institutions woke to the possibility of providing services without paying for expensive un-scalable fallible human cashiers, many governments and other less-legal entities wanted to read (and sometimes alter) Internet traffic.

Mills gives two great examples of where HTTPS prevented - and could have prevented further - nation-state abuse of Internet content:

- The nation of India tried and failed to ban all of GitHub. HTTPS meant they couldn't censor individual pages, and GitHub is too important to India's tech sector for them to ban the whole thing.
- The nation of China weaponized the browsers of users all over the world to attack GitHub for hosting anti-censorship materials (since like India, they can't block only individual pages) by rewriting Baidu's unencrypted JavaScript files in flight.
And closer to home, Cameron's plan to make all online communication subject to monitoring is so stupidly illiberal and expensively pointless that it deserves to be made impractical by general adoption of HTTPS. GCHQ and friends can tap all the Internet traffic they like: if it's protected by HTTPS, the traffic is just taking up disk space to no practical purpose. Brute-forcing, even with nation-state resources, is so expensive that it's reserved for really high-value targets. GCHQ would have to go after something fundamental like a Certificate Authority, which would leave big and obvious fingerprints, or compromise a particular user's machine directly, which doesn't scale.

As long as users are still relaxed about the absence of a padlock in their browser bar, HTTP will continue to provide a route for governments to snoop on their citizens' traffic. So let's give up on HTTP - it has had its day - and move to a world where strongly encrypted traffic is the default.


You can't be too careful - car crashes

The class of systems with high distributed costs and focused but inadequate benefits is going to have another member: auto-calling police in the event of a car crash:

In the event of a crash, the device calls the E.U.'s 911 equivalent (112) and transmits to authorities important information including location, time, and number of passengers in the vehicle. An in-car button will also be installed in all vehicles. The eCall requirement will add an estimated $100 to the price of a car.
$100 on each (new) car sold: so how many new cars are sold in the EU each year? About 14 million in 2012. So this measure will cost $1.4 billion, and maybe $150 million in the UK. What's the benefit?
Each year nearly 26,000 people are killed in the E.U. by car crashes. This new device is estimated to reduce that number by 10 percent, saving 2,600 lives annually, by cutting down emergency response time by as much as 60 percent.
The cost of a life for purposes of safety varies by country and mode of transport, but let's take $1 million as the average. Given the quoted statistics, $2.6 billion saving (though optimistic, probably lower) comprehensively dwarfs $1.4 billion cost (though also optimistic, probably higher). Why isn't this a slam-dunk decision?

The problem is twofold: a) zeroing cost for lives saved, and b) the assumption of 10% saving. Let's consider each in turn.

If an injury is potentially fatal but not actually fatal due to timely intervention, it's almost always due to either early suppression of severe blood loss, or timely (within 1-2 mins) clearing of obstructed airway. The latter isn't relevant due to emergency service response times, so we only consider the former. This injured person will still need emergency treatment followed by several days of hospital care, and quite possibly follow-on care of injuries, rehab, and in some cases reduced lifetime tax payments due to reduced earnings and disability payments, so you're looking at order of $100K average costs. That's still not really significant.

However, consider a typical case where a life is saved: a car driver has an accident in the countryside when no-one is around. His car calls 112 and so the police (not the ambulance service initially, because they are too stretched to respond to wild goose chases) respond to his location. Seeing the crash they call for an ambulance which arrives 10-30 minutes before it would have otherwise arrived due to a passer-by report - people tend to notice a crashed car with no emergency services around it. He would have died due to shock (depletion of oxygen to the critical organs due to blood loss / asphyxiation / traumatic damage to heart and lungs) but the ambulance got there in time to oxygenate him and transport to hospital. Just how common is this?

Fatal road accidents rarely happen on remote roads - unsurprisingly, they happen where there are many more cars and roadside obstructions to run into. If an accident happens where passers-by are prevalent, this system doesn't help at all since nearly all passers-by have mobile phones. So we're only looking at a small fraction - 5% is optimistic - of accidents. The press release assumed 10%, so the benefit has already halved and is perilously close to the cost.

But bleeding to death is not a common cause of death from road accidents for drivers/passengers. Much more likely is traumatic head injury, which tends to kill them right there in the car. Unsecured drivers/passengers fly through the windscreen, or secured drivers/passengers bang their head against the car frame. This kills instantly, or in a few minutes. Another mechanism is the "third collision" where the car bangs into a tree (collision 1), the driver bangs into their seatbelt (collision 2) and then the free-hanging organs like lungs, heart bang into the drivers chest, or their blood vessels bang into ligaments that cheesewire them (collision 3). If you're in this situation and your aorta (the major blood vessel coming out of the heart) is damaged you can expect a 60%-80% chance of death no matter how quickly you get to the hospital.

Therefore, before we stick the European population with an extra $1 billion of annual costs, why don't we conduct a limited experiment introducing this requirement into a single country which is similar to another country in road crash death rates to see what effect, if measurable, this measure has? Or is the notion of trade-offs too alien to the EU?


Journos writing about trading and high-speed computing

I have to admit, this amused me - the Daily Mail trying to write about high-frequency trading:

Suspected rogue trader Navinder Sarao lived in his parents' modest home because it gave him a split-second advantage worth millions of pounds, it was claimed yesterday.
His family's semi-detached house in suburban West London is closer to an internet server used by one of the major financial exchanges, giving him a nanosecond advantage over rivals in the City.
Sarao, 36, was dubbed the 'Hound of Hounslow' after it emerged he lived at home with his parents, despite allegedly making £26.7million in just four years of dealing from their home.
And yet you'd think that renting a small flat in Slough and paying for Internet access there would have improved his speed advantage; at a cost of about £50K for four years, that would have been a bargain. Why, it's almost as if the Daily Mail journalists had no idea what they were talking about....


Active attack on an American website by China Unicom

I wondered what the next step in the ongoing war between Western content and Chinese censorship might be. Now we have our answer.

"Git" is a source code repository system which allows programmers around the world to collaborate on writing code: you can get a copy of a software project's source code onto your machine, play around with it to make changes, then send those changes back to Git for others to pick up. Github is a public website (for want of a more pedantic term) which provides a repository for all sorts of software and similar projects. The projects don't actually have to be source code: anything which looks like plain text would be fine. You could use Github to collaborate on writing a book, for instance, as long as you used mostly text for the chapters and not e.g. Microsoft Word's binary format that makes it hard for changes to be applied in sequence.

Two projects on Git are "greatfire" and "cn-nytimes" which are, respectively, a mirror for the Greatfire.org website focused on the Great Firewall of China, and a Chinese translation of the New York Times stories. These are, obviously, not something to which the Chinese government wants its citizenry to have unfettered access. However, Github has many other non-controversial software projects on it, and is actually very useful to many software developers in China. What to do?

Last week a massive Distributed Denial of Service (DDoS) attack hit Github:

The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors. These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content. [my italics]
Blocking Github at the Great Firewall - which is very easy to do - was presumably regarded as undesirable because of its impact on Chinese software businesses. So an attractive alternative was to present the Github team with a clear message that until they discontinued hosting these projects they would continue to be overwhelmed with traffic.

If this attack were just a regular DDoS by compromised PCs around the world it would be relatively trivial to stop: just block the Internet addresses (IPs) of the compromised PCs until traffic returns to normal levels. But this attack is much more clever. It intercepts legitimate requests from worldwide web browsers for a particular file hosted on China's Baidu search engine, and modifies the request to include code that commands repeated requests for pages from the two controversial projects on Github. There's a good analysis from NetreseC:

In short, this is how this Man-on-the-Side attack is carried out:
1. An innocent user is browsing the internet from outside China.
2. One website the user visits loads a JavaScript from a server in China, for example the Badiu Analytics script that often is used by web admins to track visitor statistics (much like Google Analytics).
3. The web browser's request for the Baidu JavaScript is detected by the Chinese passive infrastructure as it enters China.
4. A fake response is sent out from within China instead of the actual Baidu Analytics script. This fake response is a malicious JavaScript that tells the user's browser to continuously reload two specific pages on GitHub.com.

The interesting question is: where is this fake response happening? We're fairly sure that it's not at Baidu themselves, for reasons you can read in the above links. Now Errata Security has done a nice bit of analysis that points the finger at the Great Firewall implementation in ISP China Unicom:

By looking at the IP addresses in the traceroute, we can conclusive prove that the man-in-the-middle device is located on the backbone of China Unicom, a major service provider in China.
That existing Great Firewall implementors have added this new attack functionality fits with Occam's Razor. It's technically possible for China Unicom infrastructure to have been compromised by patriotically-minded independent hackers in China, but given the alternative that China Unicom have been leant on by the Chinese government to make this change, I know what I'd bet my money on.

This is also a major shift in Great Firewall operations: this is the first major case I'm aware of that has them focused on inbound traffic from non-Chinese citizens.

Github look like they've effectively blocked the attack, after a mad few days of scrambling, and kudos to them. Now we have to decide what the appropriate response is. It seems that any non-encrypted query to a China-hosted website would be potential fair game for this kind of attack. Even encrypted (https) requests could be compromised, but that would be a huge red arrow showing that the company owning the original destination (Baidu in this case) had been compromised by the attacker: this would make it 90%+ probable that the attacker had State-level influence.

If this kind of attack persists, any USA- or Europe-focused marketing effort by Chinese-hosted companies is going to be thoroughly torpedoed by the reasonable expectation that web traffic is going to be hijacked for government purposes. I wonder whether the Chinese government has just cut off its economic nose to spite its political face.


What does "running your own email server" mean?

There's lots of breathless hyperbolae today about Hillary Clinton's use of a non-government email address during her tenure as Secretary of State. The Associated Press article is reasonably representative of the focus of the current debate:

The email practices of Hillary Rodham Clinton, who used a private account exclusively for official business when she was secretary of state, grew more intriguing with the disclosure Wednesday that the computer server she used traced back to her family's New York home, according to Internet records reviewed by The Associated Press.
It was not immediately clear exactly where Clinton's computer server was run, but a business record for the Internet connection it used was registered under the home address for her residence in Chappaqua, New York, as early as August 2010. The customer was listed as Eric Hoteham.
Let's apply a little Internet forensics to the domain in question: clintonemail.com. First, who owns the domain?
$ whois clintonemail.com
Registry Domain ID: 1537310173_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2015-01-29T00:44:01Z
Creation Date: 2009-01-13T20:37:32Z
Registrar Registration Expiration Date: 2017-01-13T05:00:00Z
Registrar IANA ID: 2
Registrar Abuse Contact Email: abuse@web.com
Registrar Abuse Contact Phone: +1.8003337680
Domain Status:
Registry Registrant ID:
Registrant Organization:
Registrant Street: 12808 Gran Bay Parkway West
Registrant City: Jacksonville
Registrant State/Province: FL
Registrant Postal Code: 32258
Registrant Country: US
Registrant Phone: +1.5707088780
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: kr5a95v468n@networksolutionsprivateregistration.com
So back in January this year the record was updated, and we don't necessarily know what it contained before that, but currently Perfect Privacy, LLC are the owners of the domain. They register domains on behalf of people who don't want to be explicitly tied to that domain. That's actually reasonably standard practice: any big company launching a major marketing initiative wants to register domains for their marketing content, but doesn't want the launch to leak. If Intel are launching a new microbe-powered chip, they might want to register microbeinside.com without their competitors noticing that Intel are tied to that domain. That's where the third party registration companies come in.

The domain record itself was created on the 13th of January 2009, which is a pretty strong indicator of when it started to be used. What's interesting, though, is who operates the mail server which receives email to this address. To determine this, you look up the "MX" (mail exchange) records for the domain in question, which is what any email server wanting to send email to hillary@clintonemail.com would do:

$ dig +short clintonemail.com MX
10 clintonemail.com.inbound10.mxlogic.net.
10 clintonemail.com.inbound10.mxlogicmx.net.
mxlogic.net were an Internet hosting company, bought by McAfee in 2009. So they are the ones running the actual email servers that receive email for clintonemail.com and which Hillary's email client (e.g. MS Outlook) connected to in order to retrieve her new mail.

We do need to take into account though that all we can see now is what the Internet records point to today. Is there any way to know where clintonemail.com's MX records pointed to last year, before the current controversy? Basically, no. Unless someone has a hdr22@clintonemail.com mail from her home account which will have headers showing the route that emails took to reach her, or has detailed logs from their own email server which dispatched an email to hdr22@clintonemail.com, it's probably not going to be feasible to determine definitively where she was receiving her email. However, CBS News claims that the switch to mxlogic happened in July 2013 - that sounds fairly specific, so I'll take their word for it for now. I'm very curious to know how they determined that.

All of this obscures the main point, of course, which is that a US federal government representative using a non-.gov email address at all for anything related to government business is really, really bad. Possibly going-to-jail bad, though I understand that the specific regulation requiring a government employee to use a .gov address occurred after Hillary left the role of SecState (Feb 2013). Still, if I were the Russian or Chinese foreign intelligence service, I'd definitely fancy my chances in a complete compromise of either a home-run server, or of a relatively small-scale commercial email service (mxlogic, for instance).

Desperately attempting to spin this whole situation is Heidi Przybyla from Bloomberg:

OK, let's apply our forensics to jeb.org:
$ dig +short jeb.org MX
5 mx1.emailsrvr.com.
10 mx2.emailsrvr.com.
emailsrvr.com is, like mxlogic.net, a 3rd party email hosting service, apparently specialising in blocking spam. I'm not surprised that someone like Jeb Bush uses it. And, like Hillary, he isn't "running his own email server", he's using an existing commercial email server. It's not Gmail/Outlook.com/Yahoo, but there's not reason to think it's not perfectly serviceable, and it's not controlled by Bush so if they log or archive incoming or outgoing email his correspondence is legally discoverable.

The difference between Jeb Bush and Hillary Clinton of course, as many others note, is that Jeb is not part of the US federal government and hence not subject to federal rules on government email...


No cash for CASH

For those following along with our previous adventures with the prodnoses of Consensus Action on Salt and Health (CASH) their 2014 accounts make an entertaining read, with not a little schadenfreude.

Deprived of the £100K that our friends at the Marcela Trust sent in their direction in 2013, via OMC Investments, their fairly steady expenditure rate of £150K per year is maintained this year, but since their income was £30K rather than £140K they ended up with a £120K deficit in spending, eroding their capital down to £766K. At this rate, in 6-7 more years they will be out of funds and out of luck. It seems that no-one really likes CASH or wants to give them money in any quantity - at least, not while the world is watching.

The note in the "Movement in funds" section on p.33 is amusing:

The designated fund will provide working capital to the charity to enable it to continue its unique activities whilst the trustees implement their fundraising strategy.
Yes, I'd be interested in what that strategy is going to be. Are they going to try to tap government funds in the classic fakecharity game - lobby the government to give them money to lobby the government? I'll be watching the CASH website and their subsidiary organisation Action on Sugar to see what they're up to.


Net neutrality - be careful what you wish for

I'm driving my forehead into an ever-deepening dent on my desk in despair at the news that the US Federal Communications Commission has approved new rules governing net neutrality in the USA. This may seem like the sort of news that a progressive geek like your humble bloghost would welcome, but it turns out to involve some inconvenient wrinkles.

The EFF, guardians of liberty, were originally cheering on behalf of net neutrality. Then, 2 days ago, they started to get a little concerned with some of the details being proposed by the FCC:

Unfortunately, if a recent report from Reuters is correct, the general conduct rule will be anything but clear. The FCC will evaluate "harm" based on consideration of seven factors: impact on competition; impact on innovation; impact on free expression; impact on broadband deployment and investments; whether the actions in question are specific to some applications and not others; whether they comply with industry best standards and practices; and whether they take place without the awareness of the end-user, the Internet subscriber.
In essence, the proposed rules for Net Neutrality gave the FCC - a US government agency, headed by a former lobbyist for the cable and wireless industry - an awfully wide scope for deciding whether innovations in Internet delivery were "harmful" or not. There's no way that this could go horribly wrong, surely?

Broadband in the USA

Now, let's start with the assertion that there is an awful lot wrong with broadband provision in the USA currently. It's a lot more expensive than in the UK, it's almost always supplied by the local cable TV provider, and in general there is very little if any choice in most regions. See the broadband provider guide and choose min, max of 1 - there's an awful lot of the USA with monopoly provision of wired high-speed internet.

The dominant ISPs with high-speed provision are Comcast, AT+T, Time Warner, CenturyLink and Verizon. It would be fair to say that they are not particularly beloved. Comcast in particular is the target of a massive amount of oppprobium: type "Comcast are " in your favourite search engine, and you get autocompletion suggestions including "liars", "crooks", "criminals". American broadband is approximately twice the price of British, and you generally get lower speeds and higher contention ratios (you share a pipe of fixed size with a lot of people, so if your neighbours are watching streaming video then you're out of luck). As effective monopolies, ISPs were in a very powerful position to charge Internet services for streaming data to their customers, as last year's Comcast-Netflix struggle showed - and it ended with Netflix effectively forced to pay Comcast to ship the bytes that Netflix customers in Comcast regions were demanding.

Google's upstart "Google Fiber" offering of 1 Gbps (125 MB per second) fiberoptic service tells a story in itself. It's targeting a relatively short list of cities but has been very popular whenever it opened signups. It has spurred other broadband providers to respond, but in a very focused way: AT+T is planning to offer 1Gbps service, but only in Google Fiber's inaugural area of Kansas City which is impressive in its brazenness. Other community-based efforts are starting to bear fruit, e.g. NAP is proposing their Avalon gigabit offering in part of Atlanta, Georgia. However, most of the USA is still stuck with practical speeds that have not changed noticeably in half a decade. Entrenched cable ISPs have spent plenty of money on lobbyists to ensure that states and cities make it expensive and difficult for newcomers to compete with them, requiring extensive studies and limiting rights to dig or string fiber-optic cable to residential addresses.

So there's clearly a problem; why won't Net Neutrality solve it?

The ISP problem

Net neutrality essentially says that you (an ISP) can't discriminate between bytes from one service and bytes from a different service. Suppose you have two providers of streaming Internet movies: Netflix and Apple iTunes. Suppose Comcast subscribers in rural Arkansas pay Comcast for a 20Mbps service, easily sufficient for HD streaming video. Comcast controls the network which ends at their customers' home routers, and when it receives a TCP or UDP packet (small chunk of data) from their customers they will look at its destination address and forward it either to its destination - e.g. a server in the Comcast network - or to one of the other Internet services they "peer" to. Peering is a boundary across which Internet entities exchange Internet data. When data comes back across that boundary with the address of one of their customers, Comcast routes the data to the customer in question. So far, so good.

Now the customer is paying Comcast for their connection, so it's not really reasonable for Comcast to force them to pay more for more data above and beyond the plan they've agreed. If you've got a 20 Mbps connection, you expect to be able to send / receive 20Mbps more or less forever. Comcast might have a monthly bandwidth cap beyond which you pay more or get a lower speed, but that should be expressed in your plan. Comcast might weight certain kinds of traffic lower than others, so that when 20 people are contending for use of a 100 Mbps pipe traffic which is less sensitive to being dropped (e.g. streaming video) is dropped more often than more sensitive traffic (web page fetches), but that's all reasonable as long as you know how many people you're contending with and what the rules are.

Streaming video is one kind of traffic that's problematic for ISPs: it requires very little bandwidth from the paying customer. They send an initial message "I want to see this video" and then a low volume of following messages to control the video stream and assure the video streaming service that someone really is still watching it. From Comcast's point of view, though, they have a large amount of latency-sensitive traffic coming into their network from a peering point, so they need to route it through to the destination user and use up a large chunk of their network capacity in the process. If lots of people want to watch videos at once, they'll have to widen the incoming pipe from their peer; that will involve buying extra hardware and paying for its associated management overhead so that they can handle the traffic, as long as they are the limiting factor. (Their peer might also be the limiting factor, but that's less likely).

So the more data users stream concurrently, the more it costs Comcast. This can be mitigated to some extent by caching - storing frequently used data within the Comcast network so that it doesn't have to be fetched from a peer each time - and indeed this is a common strategy used by content delivery networks like Akamai and video streaming firms like YouTube. They provide a bunch of their own PCs and hard disks which Comcast stores inside its datacenters, and when a user requests a resource (video, image, music file, new operating system image) which might be available in that cache they will be directed to the cache computers. The cache will send the data directly if it's available; if not, it will download it and send it on, but store it locally so if someone else requests it then it's ready to send to them directly. This has the effect of massively reducing the bandwidth for popular data (large ad campaigns, "Gangnam Style" videos, streaming video releases), and also increases reliability and reduces latency of the service from the user's perspective, but costs the provider a substantial overhead (and operational expertise) to buy, emplace and maintain the hardware and enable the software to use it.

The non-neutral solution

If Netflix aren't willing or able to pay for this, Comcast is stuck with widening their pipe to their peers. One might argue that that's what they're supposed to do, and that their customers are paying them to be able to access the Greater Internet at 20Mbps, not just Comcast's local services. But Comcast might not see it this way. They know what destination and source addresses belong to Netflix, so they might decide "we have 100 Gbps of inbound connectivity on this link, and 50 Gbps of that is Netflix video streaming source addresses at peak. Let's reduce Netflix to a maximum of 20 Gbps - at peak, any packet from Netflix video streaming sources has a 60% chance of being dropped - and see what happens."

You see where the "neutrality" aspect comes in? Comcast is dropping inbound traffic based solely on its source address - what company it comes from. Only internal Comcast configuration needs to be changed. From the customer's point of view, Netflix traffic is suddenly very choppy or even nonfunctional at peak times - but YouTube, Facebook, Twitter etc. all work fine. So Netflix must be the problem. Why am I paying them money for this crap service? (Cue angry mail to Netflix customer support).

Net Neutrality says that Comcast can't do this - it can't discriminate based on source or destination address. Of course, it's not really neutral because ISPs might still blacklist traffic from illegal providers e.g. the Pirate Bay, but since that's normally done at the request of law enforcement it's regarded as OK by most.

The problem

The USA has handed the Federal Communications Commission, via the "general conduct" rules, a massive amount of control of and discretion in the way in which ISPs handle Internet traffic. It presumes that the FCC has the actual best interests of American consumers at heart, and is intelligent and foresighted enough to apply the rules to that effect. Given the past history of government agencies in customer service and in being effectively captured by the industries they are supposed to regulate, this seems... unwise.


Failing to listen to the sounds of Chinese silence

I was moved by an interesting yet flawed piece by John Naughton in the Grauniad, analysing the kinds of censorship applied by the Chinese government:

So they [researchers] clicked on the URLs associated with a sample of posts and found that some – but not all – had vanished: the pages had disappeared from cyberspace.
The question then was: what was it about the "disappeared" posts that had led to them being censored? And at that point the experiment became very interesting indeed. First of all, it confirmed what other researchers had found, namely that, contrary to neoliberal fantasy, speech on the Chinese internet is remarkably free, vibrant and raucous. But this unruly discourse is watched by a veritable army (maybe as many as 250,000-strong) of censors. And what they are looking for is only certain kinds of free speech, specifically, speech that has the potential for engendering collective action – mobilising folks to do something together in the offline world.

The study quoted is indeed interesting, and highlights one particular and significant aspect of Chinese censorship. Where Naughton fails, though, is in failing to note the unseen, and this is picked up by CiF commentator steviematt:

The Harvard research and Gary King's opinion are both flawed beyond belief.
It only factors the number of posts that were originally published and then disappeared over the course of weeks and months. It ignores the fact that most posts that are critical never have a chance of passing through the filters in the first place.
Indeed, Naughton fails to notice that many of the websites that the West takes for granted in being able to express their opinions are completely blocked in China. Within China, sites like Twitter and Facebook are essentially completely unavailable. YouTube: no chance. You can get to a limited set of Google sites (search and maps are on-and-off accessible in my experience), but it's very iffy. Blogger seems completely blocked. Bing search seems to work fine though. Why is that?

It's because if you are a western firm who wants to provide an Internet site within China, you have to partner with a Chinese company and accept the conditions of serving users within China - key in this is agreeing to provide identity information of your users (source IP addresses , times logged on etc.) at the "request" of the government. The case of Yahoo and the Chinese dissident Shi Tao is illuminating:

According to a letter Amnesty International received from Yahoo! (YHOO), and Yahoo!'s own later public admissions, Yahoo! China provided account-holder information, in compliance with a government request, that led to Shi Tao's sentencing.
Jerry Yang, then-CEO of Yahoo, got roasted by Congress for providing this information when this story came out. Truth be told, though, he really didn't have much choice - Yahoo had presumably agreed to these conditions when it started serving China-based users. If you don't want to play ball with those conditions, and it seems that Google, Twitter and Facebook don't, you're going to be serving outside China and prone to getting blocked by the Great Firewall.

So when Naughton comments "only some kinds of activities are blocked" it's actually in the context of "only some users are willing to discuss these kinds of activities on sites where they know the government has the right to waltz in and demand their details at any time" (before presumably visiting them at home and offering them an extended stay at a pleasant little camp out in the country, for a year or ten.)

Rumours suggest that Facebook might announce something aimed at Chinese users but it's not obvious how they're going to deal with the existing restrictions. Still, Zuckerberg's a smart guy and doesn't seem to be an obvious patsy for the Chinese regime, so it's possible he's got something clever up his sleeve. Stay tuned.


Mendacity from Amy Nicholson

In Slate, L.A. Weekly movie critic Amy Nicholson takes aim at deceased sniper and Navy SEAL Chris Kyle:

Take American Sniper, one of the most mendacious movies of 2014. Clint Eastwood was caught in a trap: His subject, murdered Navy SEAL Chris Kyle, lied a lot. In his autobiography, he said he killed two carjackers in Texas, sniped looters during Hurricane Katrina, and punched Jesse Ventura in the face. None of that was true. So Eastwood was stuck. Should he repeat Kyle’s lies as truth? Expose him as a liar?
Ironically her article is titled "Clint Eastwood's American Sniper is one of the most mendacious movies of 2014", because she clearly hasn't read Kyle's autobiography. In his autobiography he does not discuss either of the first two situations she describes, at all. The third situation is described, but Jesse Ventura is not mentioned (Kyle calls the participant "Scruffy" and although some of Scruffy's background is consistent with Ventura's, it's not an obvious link). So Nicholson seems happy with at least one of two situations: 1. making claims about a book she hasn't read, or 2) making knowingly false claims about a book she has read.

It's slightly clearer when you read the New Yorker article which she links because they report third person recounting of the first two stories: people who claim to have heard Kyle talk about them. Kyle may or may not have told these stories, and they may or may not have been accurately recounted by the third parties. The Scruffy story was later confirmed by Kyle in a video interview to pertain to Ventura, and a court subsequently decided that Ventura had been libelled by it. It's a pretty misleading recounting by Nicholson though, whether or not the claim turns out to be substantially true - if you aspire to being an actual journalist, one would expect you to have a clear understanding of 1st vs 2nd vs 3rd party sources and make the distinction clear in your articles. Perhaps Ms. Nicolson has no such aspiration and is happy being a partisan hack.


BBC booze bill shocker

The shocker is, it's extremely reasonable:

The Corporation stated that the figure related to 'non-production related and production related spend'.
It added: 'The total spent on alcohol for the period 1st October 2013 to 26th October 2014 with the BBC's single preferred supplier Majestic Wine PLC was £43,000.'

I'm not the greatest fan of the BBC's compulsory TV licence, but I really don't think that this is worthy even of a Daily Mail throwaway article:

  • Use of bulk supplier for savings: check
  • Cost per employee per year: £2 , eminently reasonable, no reason to think this is taxpayer-funded employee booze
  • Cost per day: £130 over all channels and events. That's about 3 bottles of Veuve Clicquot NV at Sainsbury's prices. Assuming the BBC allocates half a bottle per top echelon (MP, MEP, sleb) guest, that's 6 top echelon guests per day which sounds about right.
It comes as up to 50 MPs called for the licence fee to be scrapped and replaced with a voluntary subscription service in its place.
Talk about tenuous connections. This is possibly one of the strongest signals of thrifty BBC spending there is, and you're linking it to a call for licence fee repeal? Your logic is not like our Earth logic, Daily Mail.