Daddy, what’s public key cryptography?

Leave a reply

I was working on an HTTPS issue today, and Ryan came to talk to me. While he
was watching, I figured out what was causing the problem, which was related to the
SSL handshake. Ryan asked about the handshake, and I tried to give him a
laymans-terms overview of what it was. Before I started, I started to picture in
my head what the conversation might be like:

Me: When an SSL connection is made…
Ryan: What’s SSL?
Me: When you want a connection to be encrypted…
Ryan: What’s “encrypted” mean?
Me: When two processes are talking…
Ryan: What’s a “process”?
Me: .

Here’s how I described it:

Me: If I want to send a message to another computer, I write the message
on a kind of postcard, with the address of the other computer on it, and then I
send it. The postcard goes out, sometimes on a wire, in this case through the
air –
Ryan: Like radio waves?
Me: Exactly. Then the other computer receives the postcard, checks the
address, and figures that the postcard is for him. Then he reads the message.
But, if there’s another computer nearby, it can look at the postcard too,
even though it’s got someone else’s address on it. So if I want to send a
secret message to a computer that’s my friend, I don’t want that other computer to be able to read it.
So, I take the data on the postcard, and mush* it all up, and change it, and make it look funny. My friend knows that it’s mushed up, and
it un-mushes it and gets the original secret message out. But the other computer
doesn’t know this, so it looks at the message and says “Huh? What’s that
mean?”
Ryan:
Me: When we first start talking, I tell my friend “Hey, I’m going to mush
up this data, and here’s how I’m going to do it.” and I give him some stuff that
allows him to un-mush the message — that’s called the “handshake”.
Ryan: Like this?
Me: Yes, just like that. It’s a way that two computers say “hello, I’m
going to send you some mushed data, here’s how to un-mush it”.
Ryan: That’s cool.

*Important note: Note that “mush” as used here rhymes with “bush” or “push”, not “hush”.

Then I gave him some examples of why you’d want to do this — when I order
a book from amazon.com (I thought of this because I pre-ordered the 7th Harry
Potter book today), I give them my credit card number. I don’t want someone else
to figure out my credit card number, or they might go to amazon.com and say “Hi
amazon.com, it’s me, Graeme. I’d like to buy 500 books and charge it to this
credit card”, and he gets the books, and I have to pay for it.
Ryan has a fairly limited sense of the value of money, but he gasped at this,
obviously realizing that this would be a Bad Thing. Either that, or I just gave
him a brilliant idea for how to get free stuff, and started him on his way to
being a career criminal. Heh heh heh… oops.

This shouldn’t be happening yet!

Leave a reply

Ryan was working on some homework the other day, and asked for some help. (He’s in Grade 2.) He was doing some logic puzzles, which I used to love as a kid. The first one was: There are four birds sitting on a fence. Colour each of them according to these rules:

  1. The blue bird is not last
  2. The yellow bird is between the green bird and the blue bird
  3. The red bird is first

“OK, this is easy”, I thought. Yellow is between green and blue, so we have GYB somewhere. Since blue is not last, it must be GYBR. But the last clue says that red is first, so it must be RGYB. But that makes blue last, so that’s wrong too. I must have looked at this for a couple of minutes before telling Ryan that there must have been a typo somewhere, since the puzzle is not solvable. He skipped it and went on to the next one.

Later, I was going to show it to Gail, and make some kind of joke about the fact that they gave Ryan an impossible question to answer, when I noticed that the birds had all been coloured in. I looked at the colours, and smacked myself in the head for being so stupid. Of course the question was not impossible. When it said yellow is between green and blue, I assumed that meant GYB in that order — it actually meant BYG. Putting red first (as clue 3 dictates) gives you RBYG, which fits all the clues. Boy, did I feel like a moron.

I knew there would come a time when I would not be able to help Ryan with his homework. I just figured I had a couple more years….

Stopping guestbook spam

Leave a reply

My family web site has a guest book that a number of people, mostly family, have signed. Since I put it up a couple of years ago, I’ve gotten “guestbook spam” every now and again — messages sent by people we don’t know, advertising their cheap V1@grA or whatever, though some just talk about what a great site it is, and how informative, and don’t actually contain a link. I don’t understand those ones, but whatever. Anyway, in the last few months, the number of spam entries I was getting increased astronomically, until a couple of weeks ago I started getting four or five of them a day. I wrote all the code for the website myself, and when someone adds a guestbook entry, I get sent an email containing who did it, when, and the text of the comment. When the spam started getting out of control, I changed it so that there’s now a “delete this entry” link in the email. If I click the link, the entry gets deleted. Very easy, but still annoying.

I have no real idea how these messages were getting created, but I’m quite certain it wasn’t someone actually sitting at a browser looking for guestbooks and adding entries when they find one. It had to be a bot of some kind. I figured that if I were writing a bot to do this, I might look at how the majority of guestbooks handle comments, and then write my bot accordingly. My guess was that they simply start requesting pages using POST, and sending “comment=&name=&email=” as the POST body. If it’s a guestbook-type page, that may or may not enter a comment, and then the bot can move on to the next page. I suspected that the vast majority of guest books use “email” as the name of the email address field, “name” as the name field, and “comment” as the comment field, so I changed my page so that the names of these fields are hard-coded random strings. (If I wanted to, I could change it so that the strings are not hard-coded, but randomly generated at run-time, but that’s just too much work.) The end result is that in the week since I made this change, I have not gotten a single spam entry in my guestbook.

It’s certainly possible for a script to get the (HTML) source for a page, analyze it to find out what the actual field names are, and then submit spam entries that way, but I guess the bots aren’t smart enough yet to do that. I’m sure it won’t be long though…

Feb 5 update: Got two spam entries this morning. Oh well.

Men’s Day 2007

Leave a reply

Friday was Men’s Day at Devil’s Glen Country Club, where Dave, my former boss and our VP of Engineering, has a chalet. They have Men’s Day at the end of January every year, and Dave invites a bunch of us up. Once you buy your ticket ($140 this year), you get skiing for the day, breakfast and lunch, free beer and munchies (everything from wings and meatballs to oysters), plus gifts and lots of prize draws. The prizes are pretty substantial too — they had things like autographed Leafs and Raptors jerseys, BBQ’s, ski equipment, other electronic devices, and then a few grand prizes, including a 50″ plasma TV and a year’s membership at a local golf course. One of the guys from our group won an Atomic ski bag and baseball cap. The gifts this year included a Devil’s Glen baseball cap, a shirt (though they weren’t ready in time and will be mailed out later), and one really strange one — a six-pack of beer.

The skiing was great. It was pretty cold in the morning (when we got up, Dave’s weather station said it was -20), but it had warmed up to about -8 a few hours later. I think the cold temperatures must have scared some people off or kept them inside, because the hills were pretty empty. Good ski conditions + almost no lift lines = good skiing. I stuck to the easy and intermediate hills most of the day, though I did two or three black diamond (“expert”) runs. I skipped the double diamond runs though, I just don’t have the confidence in my skiing ability for those. I only ski once a year (though I missed it last year because I was sick), and my leg muscles are a little stiff today. There’s normally a one-day grace period before the real pain sets in, so I’m not looking forward to tomorrow.

We all went up to Dave’s chalet on the Thursday night to drink beer, play pool and table tennis, and hang out in the hot tub, but this year the big hit was the Nintendo Wii. Several of us had never seen one, and we all agreed that it’s a really dumb name (though catchy), and we also all agreed that it was a lot of fun. We played a bunch of sports games — golf, tennis, baseball, bowling, and boxing. The graphics are no big deal (I think my several-year-old Nintendo 64 has better graphics), but the controller (the “Wii-mote”) is the big draw. (I’m describing it here for those who have never used one &mdash feel free to skip this paragraph if you are familiar with the Wii.) It kind of looks like a (wireless) remote control with less buttons, but you basically use the remote like you would the golf club / baseball bat / tennis racquet / etc. It detects the motion (front-to-back, side-to-side, and even twisting) and speed, and the game acts accordingly. I was pretty impressed at the physics involved, and how they can sell this kind of technology for so little — if you can find one, I think they’re under $300. My birthday’s not until July, so maybe I should ask for one as a Valentine’s Day present?

Yet another Montana

Leave a reply

We bought a new van last Friday. Well, leased, not bought. We leased a 2000 Pontiac Montana for three years, and then returned that and leased a 2003 Montana for four years, and that lease is coming due soon, but we’re already over on the kilometers, so we went in early, chose our options, and signed on the dotted line. I like the van, and Gail loves it, so we had no problem getting another one. Since Gail works for EDS (which used to be owned by GM), she gets an employee discount, which we wouldn’t get anywhere else, so we didn’t even have to do any research. Every car we have ever had has been a GM product, and all but two have been Pontiacs: 1988 Cavalier Z24, 1996 Grand Prix, 1997 Saturn, 2000/2003/2007 Montanas, and 2004 Sunfire.

Interesting note: when looking for the link above, I originally went to pontiac.com, and found that in the US, the Montana is no longer available. They only have the Torrent (also available in Canada), which is more of an SUV, but no minivan. Too bad for Americans. Of course, they get the G6 convertible which is not available in Canada.

When we got the 2003 van four years ago, we had big-time issues with the local Pontiac dealer — the sales guy was fine, but the leasing manager took a phone call from another customer while we were sitting in her office, and discussed his financial details (complete with down payment and monthly payment amounts) with him. When we asked if she had ever had customers in her office when talking to us on the phone, she didn’t seem to understand why that would be a problem, but then said something to the effect of “No, I wouldn’t do that to you guys“, like the customer she was just talking to was somehow less important. We had other problems with her, and I ended up writing a letter to the president of the dealership, explaining the problems we had and telling him that we wouldn’t be back. Well, I caved there since it’s the closest Pontiac dealer, and it’s just too inconvenient to go somewhere else (though not entirely – I bought the Sunfire two years ago at a dealership in Waterloo). But when I set up an appointment, they said that we’d be meeting with the same person as last time. I said “No we won’t”, and explained that we had had issues with her the last time. We arranged to meet with someone else, and I guess they went through our file and found my letter, and just fell over themselves telling us that they would do whatever it took to make us happy “this time”. You know how it is — the squeaky wheel gets the grease.

Rock lose home opener

Leave a reply

The Toronto Rock played their first home game of the season on Friday night,
a 19-15 loss to Rochester. It was a pretty entertaining game, though the Rock
took a lot of undisciplined penalties (and the officiating was pretty inconsistent
all night). Rochester scored an unbelievable ten power play goals —
the Rock offense wasn’t bad (hey, they scored 15), but they just couldn’t stay
out of the box, so it seemed like they were a man down for two thirds of the game.
You just can’t win doing that. Hopefully new coach Clark can settle them down
a bit for next week’s game in Philadelphia, and if Jim Veltman is healthy
enough to play, that will certainly help.

The loss of Colin Doyle wasn’t a huge factor in this game. All three guys they
got for him played — Benesch scored four goals and looked pretty good.
Thompson wasn’t much of a factor, and Fines scored a goal, though I didn’t think
he played very well. Despite getting pounded for 19 goals, Watson played pretty
well — as my buddy Steve said, he was the reason the Rock didn’t lose by
10 or more. Funniest moment of the game: the Knighthawks gain possession of the
ball, and their coach immediately signals the ref for a time-out. The ref blows
the whistle and a second or two later, the Knighthawk players, who don’t know
about the time-out request, score. The goal is waved off.

Finally winter’s here! Normally, I’d complain about that, but I’m going
skiing this Friday, and I was worried that there wouldn’t be enough snow to
actually go. But it’s been cold enough to make snow for a week now, and
Collingwood’s gotten some real snow as well, so the conditions should be
pretty good. The forecast calls for a high on Friday of -13 — my ideal
temperature for skiing is about -6, so it’ll be cold, but for my one ski day
per year, I can handle it.

Bonds and Beckham

Leave a reply

Barry Bonds says that
Mark McGwire (and Pete Rose) should be in the Hall of Fame. Well, of course
Bonds thinks that McGwire should be there — if McGwire isn’t there
because he used steroids, then there’s no way Bonds will get there. I posted
a
while ago about McGwire, and how I didn’t know whether he should
or should not be in the HOF. Well, I think I’ve made up my mind now — if I
had a vote, I would not vote for him.

It’s never been proven
beyond a reasonable doubt that McGwire took steroids, but this is not a court of
law, so there is no set “burden of proof”. And even if steroids were not
explicitly banned by MLB, the belief by the general public (thanks Ben Johnson)
was that those who used steroids were cheaters. McGwire had already retired, and
had broken no baseball rules by taking the drugs, so there were no repercussions
if he were to admit taking them, but he still stonewalled the US Congressional
inquiry and refused to answer any questions. Why? Because he knew that
what he had done was wrong. If he had ‘fessed up, I might have had a
little more compassion, but he cheated and then lied about it. No! No
Hall of Fame for you!

I posted before
on why Pete Rose should not be in the Hall, so I won’t go over that again. I
can’t think of two more deserving Hall of Famers than Cal Ripken and Tony
Gwynn, so congrats to them.

So the MLS is all about signing older, used-to-be-good-but-not-so-much-now players for insane amounts money now, is it? Then who better than MLSE to own a franchise in that league? They’ve been doing that with the Leafs for years.

I will choose free will

Leave a reply

Scott Adams, the creator of Dilbert, also has a blog, which is
one of my favourites. He writes about all sorts of things that don’t
appear in Dilbert, like politics and religion and stuff. It’s usually pretty
funny, but he’s quite an intelligent guy, so it’s frequently thought-provoking
as well. One subject that he writes about now and again is free will, or the
lack thereof. He believes that free will does not exist. By this he does not
mean that everything is predetermined, but that humans cannot control their own
actions or decisions. The idea is that given a certain environment and
set of inputs, your brain will make a deterministic decision.
Basically, free will is an illusion; what really
has control over our decisions is simply chemistry, biology, and physics.

I find this to be a fascinating topic, with zillions of implications. For me,
the primary implication is that of the law — should a person be found guilty
and punished for a crime that he did not explicitly choose to commit? If someone
is found not guilty of murder by reason of insanity, the idea is that some defect
in his brain meant there was no way for him to make the choice not to
kill. There is talk of serial killers whose brains are “wired” to kill, and it is
not only inevitable that they will, but unreasonable to expect them to be able to
resist. But if there is no free will, then all of our
brains are wired in some way — most of us are wired not to kill,
but not all. Similarly, most of us are wired not to steal, but not all.
Therefore, those who steal (including those who know it’s morally wrong)
are simply following the instructions wired into their brains — they cannot
choose not to. Obviously we have to put people who are “wired” to kill in
jail or some kind of hospital, because they pose a danger to society. But what
about those park in a no-parking zone — do they
deserve to be punished for it, when it could be argued that they did not
choose to commit their crime; they are merely a victim of their own
brain chemistry?

For my part, I tend to agree with Scott. However, the “illusion” of free
will is enough for me. Perhaps it is completely deterministic that given a
particular set of circumstances, my brain will make a certain decision, but
there’s no way to calculate in advance what that decision would be, so my
decisions have the appearance of being in my control. This is why you
hear people watching people in some difficult situation (on TV or whatever) and
saying “I don’t know what I’d do in that situation”. Well, the answer is
essentially hard-wired into your brain, but since there’s no way to access it,
the fact that the answer is already there is of no use.

In addition, the number of
variables that go into a decision is incalculable, so even if you could access it,
you couldn’t look it up without knowing an unbounded amount of data about the
environment and circumstances. And if that weren’t enough, you can also throw
quantum mechanics and chaos theory into the mix, and now at least some of the
variables that have an affect on a decision are essentially random. It boggles
the mind.

Aside: Actually, quantum mechanics is itself enough to boggle my mind.
I love reading about it, but I generally can’t wrap my head around the concepts.
I suspect I’m not alone in that respect.

The NeXT Big Thing?

Leave a reply

To: All Apple employees
From: Steve Jobs
Date: January 8, 2017

 

As you all know, tomorrow is the 10th anniversary of our announcement of the first iPhone, and we are commemorating this event with our biggest announcement yet: the new Apple iBrain cranial implant. Many of you have had the beta implant for a few months now, and if you think down to the ‘upgrade’ page, you can see the GA upgrade surgery schedule.

The iBrain contains what you’d expect: music and ultra-hi-def video players, hologram projector, satellite videophone, 20 Gigapixel camera, car remote control (thanks to the Segway team for getting that in before the deadline!), and calculator. However, because this device is directly implanted into your brain, it has some very exciting new abilities as well. The iBrain can enhance your memory (imagine remembering what you had for lunch on any given day 10 years ago!) as well as give you vastly improved hearing and vision (up to 20:0.25 on the old scale — remember when people used to improve their vision by actually altering their eyeballs rather than improving the brain’s processing of the existing visual signals from the eyes?).

The iBrain upgrade package includes everything in the base package plus some extras like enhancing your senses of smell and taste, the ability to understand what lawyers are talking about, basic car repair, home repair, and welding techniques, and an impressive multimedia library, including every song, book, TV show, and film ever created, as well as the entire contents of youtube.com (thanks to our recent agreement with Google-Microsoft). Just think – if you want to watch some video of last year’s “The Who – the Farewell-No-Really-We-Mean-It-This-Time” tour, it’s there, as well as every season of “CSI: Toledo”, and the top selling albums of 2016: “Daddy Didn’t Do Me No Favors” by Prince Jackson, “Greatest Hits Vol. 6” by Paris Hilton, and “I Got Issues” by Britney Timberlake. Thanks to our merger with Nintendo three years ago, the upgrade also includes the new Nintendo W00t! gaming system.

You can also get upgrades for the iBrain at the iStore. Packages include a language pack, giving you full fluency in such languages as English, Japanese, Chinese, Spanish, and L33t, courses and even entire degrees from most accredited North American universities, jiu-jitsu, and the ability to fly a B-212 helicopter.

I also want to mention that the employees who volunteered for alpha testing have been doing very well — most of them can now walk on their own again, and a few have begun to speak! Once again, I cannot stress enough that the use of the phrase “insanely great” is absolutely forbidden in reference to this product.

I want to thank all of our employees for all of their hard work and dedication to this project. Be sure to watch AppleTV next week for our exclusive coverage of President Clooney’s Minute Maid State of the Union address brought to you by Allstate.

Steve

A thinly veiled attempt to increase readership

Leave a reply

Mmmmmm-kay. I have exactly two lurkers. You’d think that a blog like this
that deals with a fringe sport like lacrosse as well as the day-to-day life of
Joe “2.3-kids-a-minivan-and-a-mortgage” Suburbs would get thousands of hits a day,
but alas, you’d be wrong. Then again, I
don’t care about reader numbers, do I?

Seems that the real way to attract blog readers is to (a) be famous (nope),
or (b) be an expert in some field and write about that (nope). However, I’ve seen
several blogs about politics, and they always seem to attract the commenters, so
maybe I’ll try that. Note that I don’t really follow politics much, so you might
have to fill in some of the blanks here:

Did you read about what said the other day about
? I just can’t
believe anyone can think that way – those damned s.
Don’t they understand that ? Don’t they remember
? Have we learned
nothing from ?

OK, that’s not working. I guess I’ll stick to writing about stuff that I am
more familiar with, and hopefully my faithful readers will occasionally find it
interesting.

Item: Nicholas had oatmeal for breakfast this morning. I shit you
not.