|
.NET & Java architect,
programming languages geek,
Radiohead and Evangelion fan.
|
Radiohead:
Last year we were asked to write a theme tune for the Bond movie Spectre. Yes we were. It didn’t work out, but became something of our own, which we love very much. As the year closes we thought you might like to hear it.
Merry Christmas. May the force be with you.
According to a press release issued by NBC-owned Syfy, the cable channel has announced its intention to produce an "event series" (read: miniseries) adaptation of Dan Simmons’ 1989 sci-fi novel Hyperion.
Long regarded as a tentpole of modern science fiction, Hyperion starts out as a sci-fi take on The Canterbury Tales, featuring a main cast of seven characters brought together on a pilgrimage to the dwelling of an inscrutable killing machine called "The Shrike." The book is the first in a loose series, being followed by its direct sequel Fall of Hyperion, and then two other books set hundreds of years later, Endymion and Rise of Endymion. The series is collectively referred to as "The Hyperion Cantos."
"Set on the eve of Armageddon with the entire galaxy at war, Hyperion is the story of seven pilgrims who set forth on a voyage to seek the answers to the unsolved riddles of their lives," reads the press release. "Each carries a desperate hope and a terrible secret—while one may hold the fate of humanity in his hands."
Read 3 remaining paragraphs | Comments
On Tuesday, Dredd film producer Adi Shankar and Torque Director Joseph Kahn posted the violent, vulgarity-laden sci-fi series reboot you never knew you wanted: The Mighty Morphin' Power Rangers are back. Well, kind of.
Katee Sackhoff, best known to sci-fi fans as Starbuck from last decade's Battlestar Galactica reboot, stars as Kimberly "Pink Ranger" Hart in a 12-minute short film that was posted to Vimeo and YouTube earlier this morning. (The Vimeo cut has since been pulled, and it was described as the "gorier" version, so, start hunting!) Titled POWER/RANGER—because that styling worked so well for FACE/OFF—the film sees Sackoff being interrogated by James Van Der Beek (who also apparently co-wrote) while he recalls the grisly fates of other Rangers. Karate, robots, guns, swords, and blood ensue, and the results are slick enough for us to feel weirdly comfortable recommending that you watch it.
Read 2 remaining paragraphs | Comments
I'm often amazed at the Sisyphean lengths people will go to try and prevent failure, yet prepare so little for its inevitability.
There's nothing wrong with attempting to prevent failures that are easily preventable. But such preventative measures have to be weighed against the friction and cost the measure introduces. Lost in this calculation is the consideration that much of the energy and effort that goes into prevention might be better spent in preparing to respond to failure and the repair process.
This is a lesson that's not just true for software, but all aspects of life. The following are examples of where this principle applies to social policy, parenting, relationships, and code.
The "War on Drugs" is it a colossal failure of social policy...
If there is one number that embodies the seemingly intractable challenge imposed by the illegal drug trade on the relationship between the United States and Mexico, it is $177.26. That is the retail price, according to Drug Enforcement Administration data, of one gram of pure cocaine from your typical local pusher. That is 74 percent cheaper than it was 30 years ago.
So after thirty years spent, $51 Trillion (yes, Trillion!) spent, not to mention the incredible social costs, the result we get for all that expenditure is it's 74 percent cheaper for that hit of cocaine. Wall street traders are rejoicing.
It doesn't take 5 Nobel Prize winning economists to tell you that the drug war is a failure.
The idea that you can tell people to "Just Say No" and that will somehow turn the tide of human nature is laughably ridiculous. This is the failure of the prevention model.
A response that focuses on repair as opposed to all out prevention realizes that you can't stop people from taking drugs, but you can help with the repair process for those who do get addicted. You can get better results if you treat drugs as a health problem and not a criminal problem. It's worked very well for Portugal. Ten years after they decriminalized all drugs, drug abuse is down by half.
This development can not only be attributed to decriminalisation but to a confluence of treatment and risk reduction policies.
It's a sane approach and it works. Locking an addict up in jail doesn't help them to repair.
A while back I wrote about the practice of Reflective Parenting. In that post, I wrote about the concept of repairing.
Now this last point is the most important lesson. Parents, we are going to fuck up. We’re going to do it royally. Accept it. Forgive yourself. And then repair the situation.
If there's ever a situation that will disabuse a person of the notion that they're infallible, it's becoming a parent. An essential part of being human is that mistakes will be made. Learning how to gracefully repair relationships afterwards helps lessen the long term impact of such mistakes.
Perhaps I'm fortunate that I get a lot of practice fucking up and then repairing with my own kids. Just the other day I was frazzled trying to get the kids ready for some birthday party. I told my son to fill out the birthday card, but avoid a splotch of water on the table while I went to grab a towel. Sure enough, he put the card on the water. I was pissed. I berated him for doing the one thing I just finished explicitly telling him not to do that. Why would he do that?! Why didn't he liste?!
His normal smile was replaced with a crestfallen face as his eyes teared up. That struck me. When I calmed down, he pointed to a little plate full of water on the table. He thought I had meant that water. "Asshole" doesn't even begin to describe how much of a schmuck I felt at that moment. It was a total misunderstanding. He didn't even see the splotch of water next to the more conspicuous plate of water.
I got down to his eye level and told him that I'm sorry. I made a mistake. I understand how my instructions would be confusing. I was sincere, remorseful, and honest. We hugged it out and things were fine afterwards. Learning to repair is essential to good parenting.
I've been reading Difficult Conversations: How to Discuss What Matters Most. This book is a phenomenal guide to communicating well, both at work and home. Even if you think you are great at communicating with others, there's probably something in here for you.
It helped me through a recent difficult situation where I hurt someone's feelings. I had no idea that my words would prompt the response it did and I was surprised by the reaction. Prior to reading this book, my typical approach would be to try and defend my actions and help this person see the obvious reason in my position. I would try to win the argument.
Difficult Conversations proposes a third approach, rather than try to win the argument, it suggests you move towards a learning conversation.
Instead of wanting to persuade and get your way, you want to understand what has happened from the other person’s point of view, explain your point of view, share and understand feelings, and work together to figure out a way to manage the problem going forward. In so doing, you make it more likely that the other person will be open to being persuaded, and that you will learn something that significantly changes the way you understand the problem. Changing our stance means inviting the other person into the conversation with us, to help us figure things out. If we’re going to achieve our purposes, we have lots we need to learn from them and lots they need to learn from us. We need to have a learning conversation.
What I've learned is that people in general aren't irrational. They only appear to be irrational because you are often missing a piece of context about how they view the world and interpret the actions of others.
This becomes crystal clear when you consider how you interpret your own actions. When was the last time you concluded that you acted with malicious intent or irrationally? How is it that you always act rationally with good intent, and others don't? Given your impeccable track record, how is it that sometimes, others ascribe malice to your actions? Well they must be irrational! Or is it that they are missing a piece of context that you have? Could it be possible, when you've been on the other end, that you ascribed malice in a situation where you really were missing some information?
It's not until you realize most people are alike in this way that you can start to have more productive learning conversations - even with folks you strongly disagree with.
Back to the story, despite all my good intentions and all my efforts to be respectful, I still failed and hurt my friend's feelings. It's just not possible to avoid this in every situation, though I strive to greatly reduce the occurrences. Fortunately, I've prepared for failure. By focusing on a learning conversation, we were able to repair the relationship. I believe it's even stronger as a result.
There's so many examples in software, it's hard to point to just one. So I'll pick two. First, let's talk about The Thing About Git. I've linked to this post many times because one of its key points really resonates with me.
Git means never having to say, "you should have"
If you took The Tangled Working Copy Problem to the mailing lists of each of the VCS's and solicited proposals for how best to untangle it, I think it's safe to say that most of the solutions would be of the form: "You should have XXX before YYY." ... More simply, the phrase: "you should have," ought to set off alarm bells. These are precisely the types of problems I want my VCS to solve, not throw back in my face with rules for how to structure workflow the next time.
Git recognizes that people make mistakes and rather than tell you that your only recourse is to grab a time machine and do what you should have done in the first place, it gives you tools to repair mistakes.
The theme of preparing for failure applies just as much to software and systems as it does to dealing with people.
There are a lot of backup systems out there. And to a degree, backups are a step in recognizing the value in preparing for disasters. But as any good system administrators know, backups are not the important part of the process. Backups are nothing without restores. Restores are what we really care about. That's the "repair" step when a hard-drive fails.
Systems and policies that require 100% failure prevention to work are highly suspect. Such a system should trigger your Spidey sense. When building a system or policy, think not only about how the system or policy might fail, but how users of the system and those subject to the policy might fail. And give them tools to recover and repair failures. Perhaps the only guarantee you can provide is there will be failure. So prepare for it and prepare to recover from it.
No one has admitted taking down North Korea's Internet. It could have been an act of retaliation by the US government, but it could just as well have been an ordinary DDoS attack. The follow-on attack against Sony PlayStation definitely seems to be the work of hackers unaffiliated with a government.
Not knowing who did what isn't new. It's called the "attribution problem," and it plagues Internet security. But as governments increasingly get involved in cyberspace attacks, it has policy implications as well. Last year, I wrote:
Ordinarily, you could determine who the attacker was by the weaponry. When you saw a tank driving down your street, you knew the military was involved because only the military could afford tanks. Cyberspace is different. In cyberspace, technology is broadly spreading its capability, and everyone is using the same weaponry: hackers, criminals, politically motivated hacktivists, national spies, militaries, even the potential cyberterrorist. They are all exploiting the same vulnerabilities, using the same sort of hacking tools, engaging in the same attack tactics, and leaving the same traces behind. They all eavesdrop or steal data. They all engage in denial-of-service attacks. They all probe cyberdefences and do their best to cover their tracks.Despite this, knowing the attacker is vitally important. As members of society, we have several different types of organizations that can defend us from an attack. We can call the police or the military. We can call on our national anti-terrorist agency and our corporate lawyers. Or we can defend ourselves with a variety of commercial products and services. Depending on the situation, all of these are reasonable choices.
The legal regime in which any defense operates depends on two things: who is attacking you and why. Unfortunately, when you are being attacked in cyberspace, the two things you often do not know are who is attacking you and why. It is not that everything can be defined as cyberwar; it is that we are increasingly seeing warlike tactics used in broader cyberconflicts. This makes defence and national cyberdefence policy difficult.
In 2007, the Israeli Air Force bombed and destroyed the al-Kibar nuclear facility in Syria. The Syrian government immediately knew who did it, because airplanes are hard to disguise. In 2010, the US and Israel jointly damaged Iran's Natanz nuclear facility. But this time they used a cyberweapon, Stuxnet, and no one knew who did it until details were leaked years later. China routinely denies its cyberespionage activities. And a 2009 cyberattack against the United States and South Korea was blamed on North Korea even though it may have originated from either London or Miami.
When it's possible to identify the origins of cyberattacks -- like forensic experts were able to do with many of the Chinese attacks against US networks -- it's as a result of months of detailed analysis and investigation. That kind of time frame doesn't help at the moment of attack, when you have to decide within milliseconds how your network is going to react and within days how your country is going to react. This, in part, explains the relative disarray within the Obama administration over what to do about North Korea. Officials in the US government and international institutions simply don't have the legal or even the conceptual framework to deal with these types of scenarios.
The blurring of lines between individual actors and national governments has been happening more and more in cyberspace. What has been called the first cyberwar, Russia vs. Estonia in 2007, was partly the work of a 20-year-old ethnic Russian living in Tallinn, and partly the work of a pro-Kremlin youth group associated with the Russian government. Many of the Chinese hackers targeting Western networks seem to be unaffiliated with the Chinese government. And in 2011, the hacker group Anonymous threatened NATO.
It's a strange future we live in when we can't tell the difference between random hackers and major governments, or when those same random hackers can credibly threaten international military organizations.
This is why people around the world should care about the Sony hack. In this future, we're going to see an even greater blurring of traditional lines between police, military, and private actions as technology broadly distributes attack capabilities across a variety of actors. This attribution difficulty is here to stay, at least for the foreseeable future.
If North Korea is responsible for the cyberattack, how is the situation different than a North Korean agent breaking into Sony's office, photocopying a lot of papers, and making them available to the public? Is Chinese corporate espionage a problem for governments to solve, or should we let corporations defend themselves? Should the National Security Agency defend US corporate networks, or only US military networks? How much should we allow organizations like the NSA to insist that we trust them without proof when they claim to have classified evidence that they don't want to disclose? How should we react to one government imposing sanctions on another based on this secret evidence? More importantly, when we don't know who is launching an attack or why, who is in charge of the response and under what legal system should those in charge operate?
We need to figure all of this out. We need national guidelines to determine when the military should get involved and when it's a police matter, as well as what sorts of proportional responses are available in each instance. We need international agreements defining what counts as cyberwar and what does not. And, most of all right now, we need to tone down all the cyberwar rhetoric. Breaking into the offices of a company and photocopying their paperwork is not an act of war, no matter who did it. Neither is doing the same thing over the Internet. Let's save the big words for when it matters.
This essay previously appeared on TheAtlantic.com.
Jack Goldsmith responded to this essay.
From the emergence of markets in the 13th century to the scientific revolution of the 17th century to castles in the 11th century, this is a list of historian Ian Mortimer's 10 biggest changes of the past 1000 years.
Most people think of castles as representative of conflict. However, they should be seen as bastions of peace as much as war. In 1000 there were very few castles in Europe -- and none in England. This absence of local defences meant that lands were relatively easy to conquer -- William the Conqueror's invasion of England was greatly assisted by the lack of castles here. Over the 11th century, all across Europe, lords built defensive structures to defend them and their land. It thus became much harder for kings to simply conquer their neighbours. In this way, lords tightened their grip on their estates, and their masters started to think of themselves as kings of territories, not of tribes. Political leaders were thus bound to defend their borders -- and govern everyone within those borders, not just their own people. That's a pretty enormous change by anyone's standards.
The list is adapted from Mortimer's recent book, Centuries of Change.
Tags: books Centuries of Change Ian Mortimer lists
Log in
