Salty W Dog

A new member of the family

And now we are four.  Salty is a yellow lab/collie/something mix that we adopted from Northeast Animal Rescue. He comes to us 3 months old and weighing 13 lbs, and will probably quadruple in size in the not-too-distant future.

Our Feel-Good War on Breast Cancer
This week’s New York Times Magazine cover story is an in-depth and pretty devastating critique of three decades of breast cancer awareness campaigns, especially focused on the Susan Komen foundation. The one sentence summary: Komen’s campaigns aren’t helping to cure or prevent cancer, they aren’t dispensing good medical advice, but they are causing women to live in unnecessary fear.
How Boston exposes America’s dark post-9/11 bargain
I’m proud of how the people and politicians of Boston reacted to the bombing of the 2013 Marathon and resulting manhunt. But I share a lot of this columnist’s anger at the choices we as a country have made about how we confront terror, and what those choices have cost us.

Capistrano multistage deploy configuration stored in a YAML file with MultiYAML

I spend a lot of time working on deploying a variety of software applications smoothly to different environments. A tool central to my workflow is Capistrano, an SSH-based deployment framework written in Ruby. In its Ruby-ish way, Capistrano’s multistage functionality requires stubbing out different Ruby files for each stage — staging, production, etc. In our environment, I decided it was better to instead store all of the per-stage configuration in one single configuration file, and I chose to do it in the simple YAML format. There are several advantages to this approach:
  • The file format is straightforward and can be modified both by humans and scripts, including automatic updates from a central source of truth.
  • There are fewer configuration files, and within the single configuration file there is much less repetition of configuration, because we can use YAML’s built-in anchor/alias functionality.
  • It strongly encourages storing deployment logic in the deploy.rb file and hooking tasks using Capistrano’s before/after callback functionality, rather than building stage-specific tasks.
The module I built is inspired by Jamis Buck’s original Capistrano multistage module, as well as Lee Hambley’s prototype YAML multistage extension, which was never packaged and is no longer maintained. My capistrano-multiyaml module is available on GitHub along with documentation, and can be installed via RubyGems.
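The single-file approach described above, sketched as an added example (this is not code from capistrano-multiyaml, and the file layout and key names are hypothetical, not that module's schema). It shows anchors/aliases removing per-stage repetition, with the file parsed as plain data only and unknown or incomplete stages rejected before any deploy logic runs:

```ruby
require "yaml"

# Constructed sample: one file holds every stage. The &defaults anchor and
# the <<: merge key remove repetition. Hypothetical layout, not the
# capistrano-multiyaml schema.
STAGES_YAML = <<~YAML
  defaults: &defaults
    user: deploy
    deploy_to: /srv/app
    branch: main
  stages:
    staging:
      <<: *defaults
      servers: [staging1.example.com]
    production:
      <<: *defaults
      branch: release
      servers: [app1.example.com, app2.example.com]
YAML

REQUIRED_KEYS = %w[user deploy_to branch servers].freeze

# safe_load restricts the file to plain data (no arbitrary Ruby objects),
# which matters when scripts or a central source rewrite the file.
# aliases: true is needed because the layout relies on anchors/aliases.
def load_stage(yaml_text, stage)
  doc = YAML.safe_load(yaml_text, aliases: true)
  stages = doc.fetch("stages")
  config = stages.fetch(stage) do
    raise ArgumentError,
          "unknown stage #{stage.inspect} (known: #{stages.keys.join(', ')})"
  end
  missing = REQUIRED_KEYS - config.keys
  unless missing.empty?
    raise ArgumentError, "stage #{stage} is missing #{missing.join(', ')}"
  end
  config
end

if __FILE__ == $PROGRAM_NAME
  puts load_stage(STAGES_YAML, "production").inspect
end
```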
Unfit for Work
NPR’s Planet Money investigates the 14 million Americans on a “hidden” form of welfare — disability. Eye opening.
As it gets easier for one member of a group to destroy the entire group, and the group size gets larger, the odds of someone in the group doing it approaches certainty. Our global interconnectedness means that our group size encompasses everyone on the planet, and since government hasn’t kept up, we have to worry about the weakest-controlled member of the weakest-controlled country. Is this a fundamental limitation of technological advancement, one that could end civilization? First our fears grip us so strongly that, thinking about the short term, we willingly embrace a police state in a desperate attempt to keep us safe; then, someone goes off and destroys us anyway?

Bruce Schneier's chilling new op-ed

Serious steel

This week I bought my first “adult” kitchen knife, and I’m excited. As I have gotten a bit older and just a tiny bit wiser, I have started to realize that the matched set is less important than the single item of quality. In this case, that means getting rid of a block set filled with fifteen matched knives of all shapes and sizes — most of which I never use — in favor of three or four really nice cutting implements that I will use every day.

I’m not obsessed with having the best of everything — that involves a level of time commitment and monetary outlay that is at odds with my lifestyle — but I am interested in quality. I lean heavily towards very good single-purpose tools rather than mediocre multi-function devices. When it came time to purchase a new television of a larger size, I settled on one that was not the most expensive — not by a long shot — but was very good at being a television. That’s it, just a television. No “smart” features, no whiz-bang 3D or other fads, no super-fancy speakers or internet-connected doodads or motion-control thingamabobs. It is just a television, and I am very happy with it. While peripherals and set-top boxes and remotes will change, I think this television will stand the test of time.

My first adult knife is a 7″ Japanese Santoku. I love holding it and feeling its weight and balance in my hand. I am looking forward to some serious chopping and dicing in the near future. I enjoy spending time in the kitchen, and perhaps this new high-quality tool will push me to up my food prep game a bit.
Comparing the Security and Privacy of Browser Syncing
This analysis makes me feel relatively better about Google’s Chrome Sync and relatively worse about Apple’s iCloud sync. Of course these and any of the other sync security options could change instantly if the vendor releases a browser update (in the case of Chrome a silent one) that modifies the behavior.

Data privacy and security in 2013: Cloudy!

On Friday I attended a Data Privacy Day (a real thing!) panel co-sponsored by HUIT and Harvard’s School of Engineering and Applied Sciences called “The Intersection of Privacy and Security”. The panelists were noted Harvard technology graybeard Scott Bradner, always interesting professor Salil Vadhan, and SEAS computing director Steve King. After some brief introductory remarks by the panelists about balancing privacy and security, the floor was opened. I seized the opportunity to ask about something that has been much on my mind lately: how to make sensible personal choices about data privacy (and security!) in an age of highly-connected devices heavily depending on third-party hosted services.

Or to boil that down a bit more: Let’s say I have a phone, a tablet, and a laptop, a pretty common set of devices these days. And let’s say I use them all constantly. And these devices are tracking what I read and listen to, who I talk to, where I go, what I buy, and every email, chat, and text I send and receive. They are syncing this data between each other and up to an amorphous “cloud” service, where my data is being collated, cross-referenced, sold to marketers, and stored forever. Given this fact situation, how can I, as an individual, make sensible privacy and security trade-offs, when in order to get the maximal value out of these devices, I must cede control of my data — both the privacy of it and the security of it — to a third-party vendor such as Google or Apple?

A variety of answers were given, none of them entirely comforting. From Bradner, first, came the cynical view — pay in cash, forego loyalty programs, do not use cloud services, and assume everything you store online will be there forever. This is a valid answer, and rock-solid from a data privacy perspective, but I don’t consider it very practical.

His next suggestion was an interesting one, and that was to look for natural alignments — is the corporation I’m entrusting with my data looking out for the same things as I am? His example, backed up by King, was Google’s track-record on fighting invalid data requests from governments and safeguarding customer information. They do this both because that information is valuable to Google, and because customer confidence in Google is also valuable to their bottom line. This raises some interesting and difficult questions — with a company as far-reaching and often secretive as Google, how can we know their actions and track their intentions? For how long will my interests align with Google’s, and when they inevitably stop aligning, how can I erase my digital life from Google’s clutches?

Professor Vadhan I believe was the one to bring up some of the regulatory remedies. Data privacy laws, when well crafted, could help to protect individuals from corporate data misuse, and perhaps even some types of government data misuse. Europe has tried several approaches to this, with mixed success. But such regulation is not on the docket in the United States currently, so that solution doesn’t provide any immediate guidance. And, Professor Vadhan admitted, he clicks through every terms of service notice and privacy agreement without reading it, just as we all do.

In my view, and seemingly that of the panelists, there is no clear path forward at present for this problem. For now we must all work to inform ourselves about risks, balance the trade-offs, and make decisions that we are comfortable with. So maybe I will use the CVS loyalty card, but not link it to a credit card. Or I will use Google’s Gmail service, but not Google+. This is complicated, time-consuming, and frankly difficult — Facebook’s privacy settings, for instance, shift frequently in unexpected ways, often without notice. Opting out of online services’ choices about how to use our personal data is becoming more and more difficult — perhaps because they see it as their data.

With no easy answers on individual data privacy, we can only muddle on as we have been doing, and hope for clearer, easier choices in the future. Meanwhile, the data we share ends up in unexpected places. The only silver lining, in my view, is that I’m not convinced that putting something on the internet does necessarily mean it will be there “forever”. The internet does seem to forget, or, if not forget, at least the constant deluge of new data seems to moderate and bury the old, in ways that can only be good for our lasting well being.
RIP, Aaron Swartz
Cory Doctorow’s moving tribute to Swartz, 26, who was recently found to have committed suicide. I never knew Aaron, but I’d occasionally see him around Harvard. I recognized him because I followed his blog, digital activism, and standards-making work since I was in high school. He was a brilliant and driven thinker and doer in the digital law and public policy space. He also helped create (or at least rewrite) the early Reddit, crafted the Creative Commons license framework, and helped build the RSS specification. That’s a lot to accomplish in a lifetime, and he did it all in his teenage years and early 20s. He is a few years younger than me, and at times I found him inspiring, at other times inscrutable, but always I kept an eye out for his latest work. Sometimes I wondered — if I had done things differently, been more passionate, just a bit smarter — if I could have been like Aaron. Now, learning about his demons, I’m just sad for him, and for us, who no longer have him around.

iPhone lover “confesses” to switching to the Nexus 4

Ralf Rottmann lays out his reasons for switching from an iPhone to the newest Google Android device. I too have been interestedly eyeing a Nexus 4, for many of the same reasons he expresses. The iPhone has consistently won out with both hardware and software design, quality of user experience, and availability of compelling applications. But Android has finally improved to the point where those advantages are greatly diminished. Meanwhile Android’s advantages with regard to intra-app communication, more seamless sharing, and Google service integration have not been matched on the iPhone side, no matter what the misleading Siri advertisements claim. My concern continues to be what it has been from the beginning — in addition to wanting a device that works reliably and well, I also want one that belongs to me. I am extremely wary of loading my entire life into Google’s digital vaults, from which it can never be fully extricated, is subject to massive amounts of collation and analysis, and is sold to their advertisers and kept for their future uses. I do use Google’s Gmail service for my email, but I pay for it, and I wish that along with that payment would come a much more significant promise to segregate my data and not use it for evil. Until such a promise is more clearly expressed, I don’t trust Google’s Android ecosystem any more than the rest of the services they provide — the Chrome sync that I disable, the Web History that I purge, the mandatory public Google Plus profile that I strip of all useful information, etc. It’s not that I’m afraid to share information online, simply that I want to control my own information and make my own choices, and have the right to change my mind in the future. I don’t think that is too much to ask.

Gun violence triptych

We don’t have to go far. Following the tragic school shooting yesterday in Newtown, Connecticut, the New Yorker is out in force with a set of devastating reactions, all worth reading: I’m seeing the same sentiments all over the media I read and among the people I follow on Facebook and Twitter. I hope this is a trend, and that we may finally, finally have the momentum to take meaningful action in America on firearm legal reform. Remarkable — yet not — that it took the mass murder of nearly two dozen kindergarten children to get us here. If we don’t take action now, I’m not sure we ever will.

A Portrait of the Systems Administrator as a Young Man (Part 1)

When I started at the Instructional Computing Group, I aimed to be subservient. I was coming from a small fast-paced research center with a lot of strong personalities, complicated politics, and limited technical resources. I had charted my own path there, and I thought it was a good one, but now I was ready to learn how the “professionals” do things. Plus I was looking forward to working normal, non-crazy hours. Through reorganizations and office moves, I stuck with the philosophy that I was here to do a job, and it would not behoove me to be involved in the politics of the place. Boy was I naive!

I came into the group tasked primarily with maintaining and improving three servers, and secondarily with building some new stuff. Anyone who knows me can guess I was much more interested in the latter than the former. This was a transitional time in IT, or at least in Harvard IT. At my last job I had stood up virtualization, letting a few powerful servers run many smaller virtual systems. This was a pretty new thing, but it was awesome, and I just assumed everyone was going to be doing it soon. I had no idea at the time how conservative IT organizations often are, or how fragmented. Yes indeed there were virtualization initiatives — four of them that I eventually became aware of, some well-funded and some small, some for Windows and some for Linux and some for both, none out of the pilot phase.

To do cool new stuff for instructional computing, I needed hardware, and if we were speccing out a few powerful (and expensive) servers, and there was no current virtualization solution available and supported, it just made sense to me that we should install VMware or Xen on them (this was before KVM) and spit out a bunch of little VMs we could use for experimentation and student projects. This was when I (and my boss) discovered that things were changing, control was being centralized, and being an “Instructional Systems Administrator” meant pretty much squat when it came to making decisions about infrastructure. Our request was not outright denied, it was just delayed and eventually pocket-vetoed.

Given the new realities, and the lack of enough work on the existing systems to fill my days, we came to the conclusion (my boss and I) that I should be embedded in the systems group part time, giving them a hand, learning about their technologies, and advocating for/formulating plans for ICG’s technical future. And here’s where things went awry again — the UNIX/Linux team didn’t want me, I got to go sit with the Windows folks. Which is fine and all, but not at all relevant to what I was hired to do. Nor did they seem to much understand what to do with me.

Four months into the new job, I had accomplished very little, and things were not going very well. So I took a vacation to Barcelona. Sitting in a hot hostel common room after a long day I was finally able to cajole my Linux netbook onto the wifi. The first email that came in was from my boss, telling me he wasn’t my boss anymore, and I had been reorganized.

Coming in part two of our gripping tale: becoming a technical architect!