All your metaphors about computers are wrong

With the release of the Raspberry Pi, a lot of words have been flying around the information super high tubes about why getting children to learn to program computers is so important.

BBC’s Click informs us that the first users of cars became enthusiasts and learned how they worked. We are told that using programs is akin to reading but that programming is akin to writing. The Guardian tells us that children will learn to control computers rather than being controlled by them.

However, I think that all of these explanations fall far short of Dijkstra’s view that computers are “radically novel,” meaning that no metaphor to previous technology can explain their relevance. Unlike the car, the VCR, the mp3 player or the word processor, the computer itself is a mathematical machine capable of “realising any mechanism that can be imagined.”

Until one understands the difference between pressing a button and seeing a light turn on as compared to the immense void of a blinking prompt that asks us to “imagine any possible mechanism” then our educational process is, ultimately, in vain.

Posted in hacking | 8 Comments

Commitment and Civil Disobedience

As long as our citizens and rebels perform protests limited to a day or two of non-violence and minor property damage, they will remain dilettantes in revolution, and tourists in their own land. As long as cold beer, hot food, television, and all the other amenities remain the expected norm, our conduct of the revolution will gain only impotence. We need fewer men, and better. If they were committed, this revolution could be won with a fourth of our present force.

Posted in politics | 1 Comment

We can’t sit idly by (and watch TV)

What are we supposed to do? Sit idly by and watch while evil happens in the world? When we are the only ones in the world to have been blessed with the unique gift of military might?

Well no, when we see evil happen in the world we should probably carry on doing it and then escalate it massively (as in Afghanistan) or maybe we should just increase our direct participation in it (as in Israel).

Failing that we might just sit idly by and not watch it (because it hasn’t been televised) as in Congo. To be fair our government had intervened to block any peacekeeping force from entering. Not to mention we were too busy playing on our PlayStation 2s which contained so many capacitors as to increase the global demand and therefore price of coltan reserves which substantially funded the escalating atrocities in Congo while millions of people were being massacred.

In the case of Gaddafi’s Libya, which came into power by overthrowing British and French colonialism after Libya had been “liberated” from the Italians, it only makes sense that the UK, France and Italy should intervene. After all, if there was a civil war in Poland then Germany and Russia would be the obvious choices to stage an intervention.

We couldn’t possibly let a well-respected country like Turkey go there, after all Turkey is weak right? Well they are a NATO member armed with sophisticated weaponry such as fighter jets supplied by the US. They certainly worked well enough to bomb defenceless Kurdish villages massacring hundreds of thousands of people and leaving millions displaced during the 90s. Right at the time that we “couldn’t sit back and watch atrocities right on the border of NATO (in Kosovo)” but we could certainly participate in a much larger atrocity right inside NATO (in Turkey).

Posted in media, politics | Leave a comment

Why does the US so often back the bad guys?

To: Mark Mardell

CC: BBC News on-line. world desk

Hi,

I enjoyed reading your recent article which asked “Why is it that the United States ..  has so often found itself backing the bad guys?” The answer seems fairly simple. They “back the bad guys” because that benefits their foreign policy objectives which are economic and strategic in nature. As they are in any rational foreign policy.

You then skip fairly lightly over some US bad guys, John Adams, responsible for the brutal conquest of Florida and the formulation of the Monroe doctrine. Also the later expansion of the US empire to include the entire continental land-mass and beyond.

You state that “the USA often found itself in bed with a promiscuous parade of the dodgiest of characters – dictators, torturers and thieves – whose only virtue was not being ‘Commies.’” I assume this includes the people responsible for the assassination of Archbishop Oscar Romero, the rapists and murderers of four church workers, six Jesuit priests and their housekeeper and her daughter, the US trained military death squads who “wiped-out entire villages.” Are you actually suggesting that these murders happened because the victims were “commies” and not because they represented a genuine, indigenous, liberal democratic political movement in favour of banalities such as feeding, clothing and housing the poor of El Salvador?

You then state that “the US never successfully pulled off the trick of encouraging genuine liberal democracies.” Can you give one example [from] history where the US attempted this anywhere NOT within an enemy domain? In other words, has the US ever promoted this in its own “sphere of influence” – for example El Salvador?

You correctly state that “Bush and Clinton did not urge people living in dictatorships in the Middle East and Central Asia to seize the freedoms newly enjoyed in the European east.” Can you imagine why this is? Do you not think that it might lead to the disastrous reversal of over 50 years of policy directed at acquiring control over the region’s energy resources?

You then state that the neo-cons “targeted old enemies, never old friends” such as Saddam Hussein. Are you seriously suggesting Saddam Hussein was not an old friend? What was the US policy towards Iraq during the Iran/Iraq war then in your view?

Your conclusion begins by stating that “Mr Obama seems to genuinely believe that it is not the place of the leader of the world’s only superpower to pick and choose the leaders of other countries.” How does this explain US policy in Afghanistan where the Taliban would enjoy significant if not majority political support were free elections to be held?

You then state that “It will be interesting to see if he follows up with tough conversations with Saudi King Abdullah, Uzbek President Islam Karimov, Ugandan President Yoweri Museveni and other allies …” I won’t be holding my breath, will you?

You conclude that the “dilemma” remains because “any new Egyptian government that encompasses them would be less friendly to Israel, the peace process and the West in general.” We both know that US intervention in Egypt began with joint US/USSR backing for the Generals’ coup which ultimately removed British/French control over the Suez canal – a vital strategic asset. A US/Israeli war was fought to negotiate a treaty under Sadat for peace with Israel. The peace treaty effectively permits Israeli forces freedom of action in occupied Palestinian territory and in some 5 invasions of Lebanon since then. None of which would be possible if Egypt, the major Arab military force, had not been neutralised. This is reflected by Egypt’s status as the 2nd largest recipient of US military and economic aid (after Israel.) These are very significant elements of US foreign policy and surely weigh more heavily than anything on the other side of the “dilemma” pertaining to “democracy.” Can you seriously, hand on heart, believe that such strategic considerations are secondary?

Your final statement is that “the danger of backing revolution and democracy is that the moral arc of the universe does not always bend towards American foreign policy interests.” – Perhaps that is why it is best not to directly support revolutions until after they have succeeded and there is something to gain from influencing their leaders. In this case, only time will tell.

Yours Sincerely

Gianni Tedesco

Passive consumer of the news product.

Posted in letters, media, politics | 1 Comment

Who can possibly know the risks of legal highs?

After watching the misinformational BBC show “how [intoxicating and illegal] drugs work” I was inspired to post a (one way) correspondence with the Guardian/Observer newspaper after they published the article “No one can possibly know the risks of taking these drugs” by toxicologist Dr John Ramsey who is featured in the MDMA episode of the aforementioned TV show.

The above article was published in the science section of the Guardian website. The article contains several serious errors, the term “risk” which is mentioned in the thesis is undefined and the categories used throughout are misleading. I guess my analysis is too lengthy for publication but I would very much appreciate your comments.

Within mankind exists the desire for bodily pleasure, and intoxication is one such pleasure. This creates a market for intoxicating drugs that has a substantial monetary value. Some intoxicants are legally prohibited. Prohibition leads to an increased risk for legitimate suppliers that stock may be seized by force of violence. This same risk creates an attractive business opportunity for suppliers who consider themselves capable of operating beyond the reach of law-enforcement. In response to prohibition, legitimate suppliers are marketing new intoxicants which are chemical analogues of prohibited substances that have similarly desirable bodily effects, or “legal highs.”

Dr Ramsey asserts in his article dated 26 April that “no-one can possibly know the risks of taking these drugs.” The article goes on to define one category of “controlled” drugs, namely those which are legally prohibited. The reader must therefore assume that the category of “uncontrolled” drugs includes alcohol, tobacco, epinephrine, methotrexate, paracetamol, caffeine, vitamin C, etc. However, readers will be well-aware that the substances listed are subject to a diverse range of different controls. Since the proposed categories are misleading I will continue referring to “legally prohibited”, “prescription”, “over-the-counter” and “food-standards controlled” drugs.

Ramsey correctly states that “minor [chemical] modifications might result in a dramatically different toxicity profile.” In fact, it is precisely this unknown status that creates risk. For example, the legal compound mephedrone has an unknown toxicity profile. On the other hand the prohibited compound MDMA has been subject to toxicity studies as well as being in widespread popular use for decades. Other risks which are mentioned include impurity of clandestinely produced compounds as well as dishonest marketing which is necessary for legitimate suppliers to minimize their legal exposure. Since these risks are properties of legal prohibition and not of chemical compounds they cannot be counted as factors in a sensible toxicological-risk assessment.

Ramsey’s solution entails “honestly informing retailers and consumers of the risks” which is a commendable stance. This would be a more straight-forward task if we were able to clearly define risks and refrain from using deceptive and misleading categories. Since all of the mentioned risks are readily addressed by existing forms of “control” such as food and drug labelling standards, prescription controls and age and setting restrictions, Ramsey’s conclusions are dubious. He omits to state that it is prohibition which causes excess public health risks. However, since all bodily pleasure is experienced as dangerous transgression; the mere perception of risk and immorality will, for many, only serve to enhance the enjoyment that is to be found in intoxication.

Gianni Tedesco.

Posted in letters, media, politics, the-war-on-some-drugs | Leave a comment

Two firesheep denial-of-service attacks

Much ado has been made of Firesheep, a tool which sniffs networks to find cookies so as to snarf logins from popular websites. Firesheep suffers from the usual flaws of hastily developed prototypes employing packet sniffing as a technique.

Denial of service one: As with prior generations of network IDS software, Firesheep is stateless. This means that a single packet is enough to make Firesheep create large data structures. The proof of concept fireflood.c shows just how easy this is. Nothing short of full TCP state tracking can validate traffic well enough to mitigate this attack.

Denial of service two: Send a TCP segment with a short “data offset” field and Firesheep will exit. Uncomment the code at line 329 in fireflood.c for a proof of concept. This attack can be mitigated by skipping over malformed network traffic instead of aborting.
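The mitigation for the second attack, as an added example (not taken from fireflood.c or from Firesheep's own code): a C routine that checks the IPv4 header length, total length and TCP “data offset” against the captured length and returns a status, so the capture loop can skip a malformed segment instead of exiting. All function and type names are illustrative and the sample packets are constructed in memory; the first attack is not addressed here, since it needs TCP state tracking.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum seg_status { SEG_OK, SEG_TRUNCATED, SEG_BAD_IP, SEG_NOT_TCP, SEG_BAD_TCP };
struct tcp_payload { const uint8_t *data; size_t len; };
struct capture { const uint8_t *pkt; size_t len; };

/* Locate the TCP payload in one captured IPv4 packet. Every length field is
 * checked against the capture before it is used; a bad packet yields a
 * status code for the caller to count and skip, never an abort. */
enum seg_status locate_tcp_payload(const uint8_t *pkt, size_t caplen,
                                   struct tcp_payload *out)
{
    out->data = NULL;
    out->len = 0;
    if (caplen < 20) return SEG_TRUNCATED;           /* minimum IPv4 header */
    if ((pkt[0] >> 4) != 4) return SEG_BAD_IP;       /* version must be 4 */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;        /* IP header length */
    size_t tot = ((size_t)pkt[2] << 8) | pkt[3];     /* IP total length */
    if (ihl < 20 || tot < ihl) return SEG_BAD_IP;
    if (tot > caplen) return SEG_TRUNCATED;
    if (pkt[9] != 6) return SEG_NOT_TCP;             /* protocol 6 = TCP */
    if ((pkt[6] & 0x1f) || pkt[7]) return SEG_NOT_TCP; /* non-first fragment */
    size_t seglen = tot - ihl;
    if (seglen < 20) return SEG_TRUNCATED;           /* minimum TCP header */
    size_t doff = (size_t)(pkt[ihl + 12] >> 4) * 4;  /* "data offset", bytes */
    if (doff < 20 || doff > seglen) return SEG_BAD_TCP;
    out->data = pkt + ihl + doff;
    out->len = seglen - doff;
    return SEG_OK;
}

/* Sniffer loop: malformed packets are counted and skipped, never fatal. */
size_t scan(const struct capture *caps, size_t n, size_t *skipped)
{
    size_t usable = 0;
    *skipped = 0;
    for (size_t i = 0; i < n; i++) {
        struct tcp_payload p;
        if (locate_tcp_payload(caps[i].pkt, caps[i].len, &p) == SEG_OK)
            usable++;
        else
            (*skipped)++;
    }
    return usable;
}

/* Constructed test input: an IPv4+TCP packet built in a local buffer, with
 * doff_words written into the data-offset field without any checking. */
size_t make_sample(uint8_t *buf, size_t buflen, unsigned doff_words,
                   const char *payload)
{
    size_t plen = strlen(payload), tot = 20 + 20 + plen;
    if (tot > buflen) return 0;
    memset(buf, 0, tot);
    buf[0] = 0x45;                                   /* IPv4, IHL = 5 words */
    buf[2] = (uint8_t)(tot >> 8);
    buf[3] = (uint8_t)tot;
    buf[8] = 64;                                     /* TTL */
    buf[9] = 6;                                      /* TCP */
    buf[20 + 12] = (uint8_t)(doff_words << 4);
    memcpy(buf + 40, payload, plen);
    return tot;
}

int main(void)
{
    uint8_t a[64], b[64], c[64];
    struct capture caps[3];
    size_t skipped;
    caps[0].pkt = a; caps[0].len = make_sample(a, sizeof a, 5, "GET /");
    caps[1].pkt = b; caps[1].len = make_sample(b, sizeof b, 1, "GET /");
    caps[2].pkt = c; caps[2].len = make_sample(c, sizeof c, 15, "GET /");
    size_t usable = scan(caps, 3, &skipped);
    printf("usable=%zu skipped=%zu\n", usable, skipped);
    return 0;
}
```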

Enjoy

Posted in hacking | 3 Comments

A few notes on WikiLeaks

Much has been made of the exposures of WikiLeaks. It should also be noted that out of all of their exposures relating to the Afghan and Iraqi adventures, no new significant criminal activities have been exposed.

In both cases, the governments involved in these imperial adventures are guilty in straight-forward cases of committing the supreme international crime: planning, preparing, initiating or waging a war of aggression. The crime for which Nazis were hanged at Nuremberg and Tokyo.

WikiLeaks founder Julian Assange states that exposures are intended to lead to “some higher level reform.” In the case of the Germans and Japanese, these reforms included letting guilty parties take a long drop from a short rope. Under international law the death penalty is reserved for criminals guilty of “only the most serious crimes.” Under the Nuremberg principles, these include the most serious crimes of state – in this case aggression. For which the guilty parties are responsible for “all of the evil which follows.”

For those unfamiliar with the principles, one need only turn to the Nuremberg archives.

Posted in media, politics | Leave a comment

Guilermo and Tarquin’s Adventures in Programming Land

Guilermo and Tarquin were sitting in Starbucks one day sipping on mocha latte frappucinos like a couple of fruity liberal dandies.

“Hello” said Henrietta, approaching their table with the nonchalant hipster gait of a bisexual art student barista. “Would you like to solve an ill defined mathematical problem for no apparent reason?”

“How will we know when we’re finished?” asked Tarquin.

“You don’t” retorted Guilermo.

“Sounds like my old job.” said Tarquin with an air of bitterness and cynicism that can only be gained from life experience.

Henrietta leaned over the table allowing a more-than-furtive glimpse of those heaving white mountains of flesh in the shapely form of female breasts for no expository reason other than to keep readers with an adolescent reading age hooked in to the story.

“Define a function f : STRING x INTEGER -> STRING which maps the space of all possible input tuples to a modified input string in which the length of no line exceeds the integer parameter. In other words, a line-wrapping function. You would TRY to break lines at word boundaries.”

Guilermo leapt from the table like a nimble fox and rummaged for a moment in his knapsack to produce a netbook which he promptly powered on and began writing a test-suite as a basis for his first solution.

“I always write something first and then try and make it correct at some later date” said Guilermo

“Were you the guy who left before I arrived at my old job?” thought Tarquin.

“Wait a minute,” he said to Henrietta, “couldn’t we just insert a newline for every second character unless the input integer is less than one? In which case return an empty string or loop forever.”

“No,” said Henrietta, “looping forever is not a function. It’s not even an algorithm. But you are right, the problem definition made no mention of maximising line length within the given limit. Let’s just assume I meant to say that.”

Tarquin planted his face in his palm thinking about “you and me and asses.”

At that moment Guilermo announced his first solution – it had passed 100% of a million randomly generated test inputs.

“Sweet” said Tarquin, “but with an infinite input space your confidence interval in the test result is still zero.”

“Zero?”

“Yes, any positive integer divided by infinity is always zero. That’s the definition of infinity.”

“That’s some real zen shit” mused Guilermo with a slightly vacant stare on his face.

“I should have become a children’s story writer”

And on that epiphany he went home and dyed his hair purple.

Having sketched a provably correct solution to this simple problem on the napkin after taking 30 seconds to think it through, Tarquin paid the bill, said goodbye to Henrietta and went out cruising for girls with tight pussies and self-esteem issues.

“If you get it right the first time”, he thought, “you have time for good things, like going home to your family or writing the rest of the fucking project.”

Posted in hacking | Leave a comment

A brief note on the inadequacy of metaphors for computer security

Human beings are prone to thinking about the world in terms of innate common sense knowledge. An important basis of science is the acceptance that there is no reason to believe that the world is understandable in such terms. This is why each new theoretical advance is often accompanied by new technical terms, which are often spelled the same as words in spoken language, but which have a technical meaning. For example the word “atom.”

When it comes to computer security the obvious common sense framework that people use to understand the issues is that of “protection of the bodily integrity.” It should be a truism that all humans share a common set of instinctual notions about something so important to the survival of the individual, that is, if we share some trivial assumptions about natural selection at least. I will argue that reasoning about computer security in these terms is at best misleading and in most cases, in fact, erroneous.

Firstly the set of metaphors I am talking about include – but are probably not limited to:

  1. Establishing a boundary between environment and organism to prevent entry of foreign bodies
  2. Parental supervision of the child to protect them from a hostile environment which they cannot possibly understand
  3. Healing and immune responses to trauma and infection

These metaphors are used, for example, in spoken language to describe the operation of “firewalls”, “sandbox” environments of various kinds and scanning for and “inoculation” against “viruses” and “worms.” While these are all fine metaphors for these specific cases it is not possible to use them in reasoned discussion in place of an understanding of their actual function. Approaches to computer security which intend to implement a general translation of these concepts are always doomed to failure.

Firstly, if one is to attempt to construct a general system of access controls to protect the resources (innards) of a computer from unauthorised users (foreign bodies) then one encounters a combinatorial problem of the highest order. That is, how to define where the boundary ought to be. This is because a computer is a “finite, but large, discrete universe.” Ways to achieve this have been an active subject of research for decades and one which is not likely to provide usable solutions any time soon. So any argument that a given system has achieved or implemented this goal is simply false. This argument applies equally to the bodily boundary and immune metaphor which is a more nuanced form of the same metaphor.

In the immune case the metaphor is further weakened by the possibility of the body allowing for some small corruption since the body’s components have a finite life-span and some ability to regenerate in any case. The computer, on the other hand, is a mathematical construct whose state may be permanently corrupted by malicious outsiders. Such damage may be vastly out of proportion to the size of the intrusion since consequences are a result of mathematical functions and not linear metabolic processes. A regeneration of the state may be achieved via backups or re-installs, but these may themselves have become corrupted or, more likely, are out of date by the time an attack has been detected. That is because the make-up of a computer system may be highly dynamic which means, for example, that you have lost all transactions since the last backup. Therefore an automated process for reverting to such known-good state may place the system outside of its desired operating parameters, making the activation of that system a vector for attack in itself. Which is, in fact, true of the human immune system at least. Also the functionality of a computer system may change fundamentally over time (i.e. total change of software, modifying fundamental function and purpose) whereas the structure of life-sustaining bodily functions is necessarily invariant, meaning that regeneration is a tractable problem.

Secondly, any monitoring system which is designed to monitor a computer system and intervene to prevent harmful or malicious activity is necessarily as complex or more complex than the system it is monitoring and therefore requires its own monitoring system. Any argument that a given system achieves this is simply false by virtue of its logical impossibility due to an argument of infinite regression.

This is not a survey of misuse of such metaphors but it is a broad response which covers the most often misused lines of argument. An exhaustive survey would probably debunk the majority of anything ever written on the subject of computer security so a normal human being would be loath to commit to such a vast undertaking. Haha.

Posted in computer-security | Leave a comment

Voters face “nasty shock” if government economic policy succeeds

From:     Gianni Tedesco
To:     Hugh Pym, Chief economics correspondent, BBC News
Cc:     newsonline.world at bbc
Subject:     re: Will the coalition deliver on the economy?
Date:     19/08/10 12:56:23

Hi Hugh,

In the above mentioned article you assert that “even the critics would
concede that Chancellor George Osborne has embarked on a rapid and
ambitious programme of change.” It’s interesting that you call that
position critical.

In the next para you correctly state that “the need to reduce government
borrowing was an over-riding and urgent priority for the new
administration.” Unfortunately this is not a priority for the electorate
or the public at large. Most people have not lent any money to the
government so stand to gain nothing if debt is repaid. In fact
dismantling of public services and reduction in state spending is
detrimental to most, if not all, people who live in this country.

After detailing various political shenanigans the new government had
used to push through their plan while minimizing public, and even
parliamentary, interference, you finally seem to conclude that the
treasury “faces challenges” if it is to “succeed” in its mission. But
then imply that their definition of “success” would be a “nasty shock”
for voters.

Could you speak more about that in a future article?

Thanks

Gianni Tedesco

From:     Hugh Pym
To:     Gianni Tedesco
Subject:     RE: Will the coalition deliver on the economy?
Date:     19/08/10 17:58:22

Thanks for your comments Gianni.  Forgive me but I am not quite sure of
the point you are making.  Are you saying I should say more about the
impact of cuts on ordinary voters?

Thanks Hugh Pym

From:     Gianni Tedesco
To:     Hugh Pym
Subject:     RE: Will the coalition deliver on the economy?
Date:     19/08/10 19:41:34

Yes that and why the government might consider it a success at the same
time. In other words, why might they have diametrically opposed
interests?

Thanks

From:     Hugh Pym
To:     Gianni Tedesco
Subject:     RE: Will the coalition deliver on the economy?
Date:     19/08/10 19:46:09

I guess government would argue that if the deficit is brought down
then that’s good for the taxpayer as the interest bill is reduced.  If
financial markets lose confidence the cost of borrowing would rise and
that would put even more pressure on taxpayers.

From:     Gianni Tedesco
To:     Hugh Pym
Subject:     RE: Will the coalition deliver on the economy?
Date:     19/08/10 20:20:04

Wouldn’t you agree that the argument is erroneous? Firstly the
government owns, and therefore ought to have control over, a sizeable
proportion of the banking sector. Secondly, no significant budget cuts
are planned for WMD programs, funding of the arms trade, military
spending or revenues being raised by enforcing corporation tax. In other
words cuts are disproportionately targeted at critical public services.

Lastly, while it is a fact that “financial markets” have
disproportionate impact on public policy, it doesn’t have to be the case
for a sovereign state which is able to seize illegitimate assets by
military force if necessary. Obviously I am joking, but if the state is
faced with a significant threat to the economy and capital flight it is
not so strange a response. Also when you compare it to going to war in
Iraq to protect foreign (US) industry while knowingly increasing the
risk of terrorism. It is not that absurd! I mean, barefoot melon
farmers in Afghanistan do not threaten my security in any way but
slashing public services does.

Thanks for prompt replies

Posted in letters, media, politics | Leave a comment