10 August 2008

Pin the X on the Y: a generic web.bot.baffler

Befuddling robots is a topic of some interest to web.heads. Most everyone now uses some form of captcha to vet the humans from the bots.

We at the clue factory have come up with one better, and I really want to build it or get someone to help me build it (and release it open-source, of course). We call it "Pin the X on the Y" or "ptxoty" ("p'tox oh-tee") for short. Here's the idea:

A chunk of JS code defines an object that can be instantiated as many places as you like on a web page: new ptxoty({ args }). You point this object at URLs for several "target" images and a "backdrop" image. Both the targets and backdrop have a "hot" zone defined in them: a square of pixels of given width,height and at a given x,y. For instance, the backdrop might be a goofy cartoon of a cowboy, with a hotspot on the top of his bald head, and the targets could be images of different cartoon hats, with the hotspot in the obvious place: lining up the hotspot on any target with the hotspot on the backdrop should achive the effect of "pinning" the target "on" the backdrop in a meaningful way. One of the targets is defined to be the "right" answer. The combination of targets, backdrop and right-answer form the data of a single ptxoty "bundle", which could be packaged up however on the web server (in lots of little folders named e.g. "cowboy.ptxoty", "barbarian.ptxoty", ...).

The JS code, then, loads up the bundle and displays itself in some reasonable HTML element in the DOM. Instead of a Captcha where the user types something in, the user pins the X on the Y. If they pick the right answer, they have proven they aren't a robot. By having a great big pile of ptxoty's laying around (and constantly coming up with more), you can ask a different one each time. You could even generate them automatically with a little more thought, and there are many possible variations, but that's the basic idea.

If I ever finish working on my current project I will take a stab at ptxoty. If anyone else is interested in this idea and wants to work on it, please contact me, I'd be way more into it right now if I had some help...

07 August 2008

Religion, or whatever you can get away with

Religion's purpose is to keep people in line, to put a box around what they can reasonably expect to get away with in life while still being considered good people.

I have had more than my fair share of brushes with religion at various phases of my life, and am happy to say I've come out on top. We ended up going 19 of 21 falls instead of the traditional 2 out of 3, an epic match to be sure, but in the end religion tapped out and has to go suck its wounds somewhere else.

This is my vaguely humorous way of saying that I'm an atheist and was not always so. I am not, however, without my beliefs. In fact it is my constant (re)consideration of my beliefs that has led me to this place, so although there is no code involved, I feel this area is relevant to the broad subject matter of this blog: stuff that goes on in a hacker's head.

Whatever metaphysical or quasi-metaphysical beliefs I may or may not have can be summarized in the following two statements:

  1. The unexamined life is not worth living;
  2. Information wants to be free.
These two statements join together like two long and winding roads that fish-eye across each other through the salt marsh of life.

There's really nothing more to say, but I'm going to say it anyway.

The unexamined life is not worth living. Why are you eating that? Why did you choose to go to college? Why are those kids over there living in cardboard boxes and dirt while these kids here have beds and playstations?

Why ask "why?" I don't know how to answer this question, because I've never asked it. I've always asked "why," and have always found the answers unsatisfactory. There really is no other question, and the question either (a) has no answer or (b) has an answer that nobody likes.

When I was little I constantly asked "why" (like all little humans) and quickly came to the conclusion that nobody knew anything; this doesn't really help when you're 5, because you still haven't lost hold of the fact that you don't know anything, either. I don't know why (why? why?), but for some reason I never lost the habit of asking this question (it seemed like a lot of my fellow little humans did), I just stopped asking it out loud (maybe they did too).

There are no adults. The inmates are running the asylum. There are no good reasons for anything, and a lot of bad ones.

But let's just talk about ourselves for a minute. The unexamined life is one in which we never demand why even of ourselves. Sure, we can stop asking other people. They're not going to really answer us, anyway, they're just going to blow smoke up our asses and tell us to get back to whatever we're supposed to be doing. That's all well and good, but to stop asking ourselves why is to decide that we're pretty much done.

Yup, pretty much done. Good enough. Good as you're going to be. No more need of that pesky why, at least not until you start having health problems in middle age and are forced to consider the fact that you've wasted your time on chicken wings and shallow pursuits instead of developing your ability to think critically and face the world.

If you're lucky, that is. Growing up in Gaza or Congo for instance, can probably be a little more stressful for a lot of people than it is in the lazy old empire. I'm guessing there isn't as much time to worry about the finer points of your own well-being when faced with imminent extermination every day. Smoking might kill you, but land mines definitely will, and you don't get to choose where they lie. Yet, curiously, I would guess that more people lead examined lives in dangerous hell-holes than in comfortable, push-button burbclaves... it's probably my stupid optimism acting up again.

The examined life hurts, and the pain is both valuable and incommunicable to anyone else. You cannot hide anything from yourself, at least not without (coincidentally incredibly easy-to-obtain) brain drugs. If you get into the habit of asking yourself why you cannot stop. The voices won't let you.

I said these were quasi-metaphysical beliefs, right?

The examined life is thoroughly mortal. The more that I examine myself and my reactions to the world, the less I fear death. The more I realize how necessary it is. The idiotic and puerile notion that we should make it our goal to live forever by turning ourselves into gadgets is perhaps the most visceral example of just how shallow the unexamined life can or could truly be, and the worst part is that people like that think they're talking about the big questions... you know, Why are we here?

Silly humans. There is no why there. There is only onlyness. There is only us and our greed, laziness and selfishness, along with our humor, affection and concern. No number of gadgets, no amount of so-called hyper-evolution will get rid of them. We'll still be us, locked up in there, even more afraid of death now after having turned our bodies into gated communities with cops on the gates and a constant, furtive buzzing noise everywhere to keep us docile. Maybe we could spend all day blogging!

Alright so all this examined life stuff hurts. Why do it, then? Isn't it more rational to avoid pain?

I won't answer this question. If you're inclined to think that way, then I'm inclined to let you. Just remember when you pay the bill, leave a tip to help the next poor sucker on his one-way trip.

Information wants to be free. The examined life is like a hermeneutic circle: getting in seems like a lot of bother, but once you're in there's really no way out, nor does the idea of getting out make much sense.

But no matter, because information wants to be free, and that is no stupid circle. It is a freight train, and it's coming right at you, always. There is no avoiding it.

Many hackers have couched their views on this subject in economic terms, or perhaps political terms, and these are valid ways of thinking about it, but they are incomplete. There is something more. Information has always wanted to be free. Information will always want to be free.

Note that I say "information" and not "truth" or "justice" or whatever the hell. Information is a neutral world. It is not truth. It is not justice. It must be interpreted (okay, so we're back to hermeneutics, so sue me), but even sans interpretation it is ever-present, all around us. I mean this both literally and metaphorically.

If you don't want anyone to know something, then don't say it out loud or put it in a computer. If someone hears it, information wants to be free and they will tell someone else. If someone downloads it, information wants to be free and it will end up on all of their friends' hard-drives. I have frequently been amazed at how information flows and moves and snakes through the brains and lives and cell phones and computers of the populace.

It does so willingly, because people like to talk. Language is our favorite pet, our trustiest weapon, our best friend. We are born into words and love them without knowing it. Most people won't admit to gossiping, but the truth is that we all need to talk, to type, to jot, to sing, to tap out the things we feel and know and suspect and wish for. All of that is information, and it never remains unmixed or modified for long. We change things, embellish, elide, edit, and frequently want to pass along our edited and mixed renditions for the enjoyment of our peeps. How could we not? We're talking, hairless apes with thumbs and cell phones, it's only natural.

So yeah, information wants to be free because we have a need to push it around. But information wanted to be free before we existed, too. Information wants to be free because it cannot be otherwise. Language is information, but information is not necessarily language. The light from a dying star is information. The code written in DNA is information. Insert your favorite over-used analogy for information here, it's probably valid.

If information did not want to be free then keeping secrets would be easy. But information wants to be free, and keeping secrets is incredibly difficult, even in your own head. Information is not atomic. A secret in one's brain will necessarily find connections with other bits of information bouncing around in there. You might be fine for years, but one day you'll slip up. A dog barking will remind you of something you once smelled, and you'll tell the person you're having coffee with a real bloomer before you realize what's happened.

A secret on a hard-drive is only as good as the cryptography and security mechanisms in place to keep it a secret, and there is no perfection there. Not even close. Especially when human beings are running the computers. Hell, social engineering is based on the idea that information wants to be free, and is by far the most effective means of compromising pretty much any security.

To set yourself against the idea that information wants to be free is to give yourself a Sisyphean task. On the other hand, you can mitigate the effect of information wanting to be free by hiding things in plain sight. Emit large amounts of disinformation, contradictions and carefully designed (but plausible) lies and you can hide any information simply by making finding it difficult. Karl Rove knows this trick quite well. In fact, it's pretty much the cornerstone of the whole neocon approach to screwing the world over, and it is so effective precisely because it takes the fact that information wants to be free into account from the very beginning. No secrets are necessary when everything is true. We're spreading democracy, right? The press release says it right here, man!

06 August 2008

Flail, part 1: Why on earth would someone do that?

I read my mail using a program I wrote: flail. Its name is an indication of how the entire subject of email makes me feel. Even though I'm sure there are many non-hacker-types who share my pain when it comes to email, most of them would probably wonder: why on earth would you waste your time writing your own mail program?

Well, let's see. Perfectionism run rampant? A pathological need to control everything? Unhinged lunacy?

Actually, none of that (okay, maybe all of that). I'm sure that many popular mail programs started life out as someones private hack. However, writing your own mailer in a fit of pique and then sitting on it for 6 years before bothering to release it because you just can't stand to release something that isn't perfect is perhaps not entirely healthy.

I'm not interested in putting on some kind of public psychoanalysis theater here, but I'm sure there are other hackers out there like me, so my arguably silly attitude towards releasing my busted ass code might at least amuse them. The rub is: I have high standards and frequently do not meet them. If only I had gotten a fortune cookie in a restaurant that told me that 20 years ago I might have avoided a lot of grief, but nooo... "Your fate is in your hands" I get. "Fortune (cookie) favors the bold" a few times. "You have mu-shu sauce on your pants" on more than a couple occasions.

Bastard fortune cookies.

Anyway, not meeting one's own standards with great regularity might be nature's way of telling one to take it down a notch. Stop sweating all of the details all of the time. The documentation doesn't have to be perfect. It can be a little rough around the edges. Just relax.

As reasonable as all that sounds, I can almost hear a part of me that counters such stuff with things like: you can't unsay things once you say them... information wants to be free, and your losing code will haunt you forever... worse is better is a capitalist fairy tale... black is white ... backspace is delete ...

That voice always says "black is white... backspace is delete."

In the end, the idea that a hacker should have control over what happens in their computer is almost an unspoken assumption, bordering on a moral imperative. I've had email since before the Internet was called the Internet. If I can't get a mailer to sit up and do exactly what I want then - damn it - I should write one that does.

It's almost like I felt for the longest time as though there was no excuse for me to complain about software. I have the power to change it, so I've got no right to complain. Of course, exercising this hypothetical power requires sitting up to all hours of the night, rearranging glowing glyphs in an Emacs buffer and cursing under my breath.

No, wait, that's fun, isn't it?

Hacking, in the end, is really about discovery. What might I learn by writing my own MUA in Perl? Wouldn't it be cool to be able to map snippets of code across my mailbox?

The wouldn't it be cool effect secretly turns out to be a lot of the motivation for doing things like writing flail, as embarrassing and trivial as it is. It almost never turns out to be as cool as I think it will be. It almost always turns out to be way harder than I thought it would be. I inevitably end up hating the fact that I've put myself in a position where I have nobody else to blame or depend on but myself for whatever critical thing in which I find myself deeply, tragically embroiled.

Let's summarize: a desire to control everything, based on illusions of superiority and power, compels me to set off on a bogus voyage of discovery supposedly motivated by the coolness it will endow me with, only to find that I am led straight back to the quotidian, detail-mired hell of my own little digital life, where I must do nothing more or less than rely on myself. That's right, the book is full of mirrors, man!

05 August 2008

Never post at night

Never post at night, you always end up regretting it the next morning...

On the other hand, I love regrets. LOVE THEM.

This blog is an attempt to get myself off of my ass and write something down once in a while. Since I'm a hacker by trade, much of what concerns me lives inside of a computer, but my intention is to write posts that aren't only of interest to other gear-heads. Like a wise man once supposedly said, I like my cigar, but...