2.18.2010

Olympic IT

It just goes to show how big of a Technologist I really am.

Whenever there's a big public event on television, like the olympics, the first thing that I think about is how IT is executed at these huge venues. What's different about the big events is the lack of permanence. At my place of business, the IT infrastructure is meant to stick around for quite a while. The cabling and organization is set up with that in mind. But events like the Olympics are a different beast altogether. All the effort, time, and money invested in IT infrastructure for the Olympic games is only for two weeks of service. After that, it all goes away. It amazes me how fast the IT pros working on these venues do their jobs so quickly and effectively.

Luckily, Cnet grabbed an interview with the head of IT at the Vancouver Winter Olympics. It's short, but he makes some very good points.



My favorite line of the whole video is when he says that the goal is to be as bored as possible. I guess that's the goal of any IT shop, do keep anomalies and downtime to an absolute minimum. However, I think it's a little different at a short-term, high-intensity effort like the Olympics. IT from a corporate perspective is all about growth, about not being stagnant in a dynamic and ever-advancing industry. If you're bored, you're probably falling behind, and not leveraging your IT department in a way that drives maximum profit. The Olympics is not about profit margins (at least from an IT perspective). The goal is to get in, get out, and make sure the event is properly connected to the world without a hitch. The objective is concrete, simple, and all-encompassing.

So, boredom works when your objective is clear. Us corporate types, while we may think that's the goal of IT, know and understand that the real winners in our industry are the ones that make sure they're keeping busy, but not because you can't keep up. You keep busy because you're always looking ahead to the next innovation and tool that will drive profit in your company. It's important to understand that difference.

In my world, it's the difference between being on the podium, and hurtling down a mountain, skis flying every which way, hoping to reach the bottom without serious injury.

Maybe I should start working for the Olympics.  

2.12.2010

Changing The Rules Of War


(Over the next few posts, I'll be discussing issues brought up in the spectacular PBS Frontline episode called "Digital Nation", which discusses current issues in the digital invasion of our societies).

The world of the soldier is a world of risk management. You shoot, you get shot at. You go to war, you may not come back. These have been the unwritten rules of war for many thousands of years, and it has shaped the civilizations of the world and the social constructs and hierarchies that we live and relate to every day. the danger of war creates heroes and villains, and it's unique ability to take a staggering amount of life and limb makes it a force worth reckoning, and a serious mover of people and history.

This is why those who play video games like Call of Duty and Medal of Honor laugh at the idea that it's desensitizing them to war and violence. Gamers aren't stupid, and they realize that they are just pressing buttons in a virtual world, as much as the game designers want them to think otherwise. They understand that the actions they do in the game have no effect in the real world.

When you look inside the Air Force bunker in the desert outside of Las Vegas, NV, you could swear that that a bunch of gamers were getting together for some fun and games in a military setting. It's a bunch of guys, sitting around big screens and keyboards, talking military lingo, and controlling the action on the screen with joysticks. If it wasn't for the military attire, this would look no different than a small gaming convention. As the pilots shout commands back and forth using all kinds of military lingo and abbreviations, the action on-screen heats up. These pilots are playing some kind of simulation that very effectively simulates a precision air strike on targets they would be fighting overseas. No better training exists than this. The action looks eerily real, and the pilots are glued to the screens as if they were actually there, fully aware of their superiors standing behind them, evaluating and pondering every move and every strike.

The simulated target is a bogey on a motorcycle. He's going to meet his terrorist friends in an abondoned warehouse outside the city limits, and the pilots are tracking him to find out where this building is, and then take out the whole meeting with a well-placed bomb. The pilots cycle through all the typical reconnaissance technologies, tracking this guy so closely, you can almost make out his facial features. He takes a few detours. He stops to get a bite to eat and plays with some children in the street. The simulation wants to make this guy act like a real person would, to heighten the believability of the scenario. Finally, the target approaches the building and enters. A few moments later, the pilots are given the order to fire. The air-to-ground hellfire missile slams into the building, practically evaporating it.

Mission Accomplished. The pilots fly back to base, and land. In the real world, in Las Vegas, the pilots take off their headsets, shut off the computers, and go home to their families, safe and sound.

It may have looked like a training mission, but that that building really was destroyed. There was a real plane out there, firing real rockets, and killing real people. These pilots are piloting the newest and one of the deadliest weapons in our Army's arsenal. They are the pilots of the MQ-1B Predator Drones, the unmanned aerial vehicle (UAV) that is becoming ever so popular in Iraq as the air-strike tool of choice. It's changing the entire landscape of human conflict.

These soldiers are controlling an object thousands of miles away. It may as well be a video game. When they fire a missile, they don't feel it like a real pilot does. When they fly at ridiculous speeds, they don't feel G-forces. They don't wear oxygen masks, and they don't wear seatbelts. If it wasn't for military policy, they could come to work in khaki pants and a T-shirt. If they get shot at, there is only money to lose. If they get shot down, they still go back to their family at the end of the day. And of course, when they kill someone on screen,  that person is really dead.

It's scary, really. When you're that detached from the reality of combat, and yet your actions control the battlefield, it changes the way you think. There's a reason why the military requires military garb in this bunker. If the pilots weren't reminded constantly that they are fighting a real war, this may as well be the most realistic video game ever. When you're on the battlefield, you see the consequences of your actions, up close and personal. In a video game, you can afford to be reckless; your life isn't on the line.

It isn't very good for mental health. When you're being shot at, it isn't hard to fire back. When you're on the other side of the world, and you kill dozens of people with a keystroke, it messes with your head. When you go home to your family every night after leveling city blocks and killing countless bad guys behind the veil of the computer monitor, the emotional gravity of the situation starts to get under your skin, and many of these pilots need therapy for PTSD and other war-related mental health maladies.

on a less personal level, like I mentioned before, this is changing the entire battlefield of human conflict. When wars are fought from behind a computer screen, well behind your own borders, the dynamics of combat will never be the same. War has always been fought as a desperate struggle over human life. If you make a tactical decision, there is always the risk of getting shot at. The Predator drones are taking away the risk of death, and replacing it with the risk of monetary loss.

Many find this controversial. Studies go back and forth trying to determine if the drone pilots take more risks, and endanger the lives of more civilians, than say, an F-15 pilot who is constantly risking his own life doing the same work. I can see both sides of the coin. On one side, the freedom to make tactical decisions without risking life and limb should enable pilots to make more calculated strikes, and striking in ways that will decrease collateral damage. On the other side, the detachment from the actual field of battle could make the pilots detached from the reality and the consequences of what they do, causing them to focus on the objective more than the facts of life and death on the ground. In other words, you never worried about destroying neighborhoods when playing Call of Duty, because it wasn't real, and you knew that the game put more emphasis on completing the mission than keeping collateral damage to a minimum.

The Predator Drone is something out of a Sci-Fi movie. It is, quite literally, a cyborg army. War will be changed forever when robots are dying in place of humans. The only question is, will this change be good for us, or will it usher in a new, bloodier, age of conflict; an age where battles are won by the biggest wallet, where civilians are ignored because the pilots can't see them die. Or will it actually decrease violence in the world? When fighting a war only results in monetary loss, what's the point?

War is hell, true. But is will soon be just a virtual hell. And the world won't ever be the same.

1.29.2010

Why Can't I Be A Car Mechanic?


I hate cars so much right now.

I learned about basic scheduled maintenance the hard way when my heat started smelling like anti-freeze and my windows became coated with a greasy condensation that no amount of defrosting could vanquish, so I pulled into my local Midas to get it over with. Fingers crossed, I put my trust in the good people at Midas and hoped and prayed that my car was OK.

Two hours later I get a bill for $2800. Apparently, my car is in an imminent state of screwed. Here's all that was wrong with it:

- Heater Core is leaking (thus the smell and fog)
- Radiator is leaking oil
- Brakes are about to be metal-on-metal
- Timing Belt is cracked
- Cam Shaft Position Sensor is malfunctioning

Most people are lucky to know what half of those things are and what they do. But, the friendly and slightly country fellow at Midas warned me that I better get this stuff done lest I die in a flaming conflagration of car parts and gore. Alas, I could not afford to pay all that, so I began my quest for a second opinion.

Enter Brian. Brian is about as country as it gets, and he's an honest guy. You may not understand half the words that are coming out of his mouth, but you can be sure he'll give you a deal, and be honest about what really needs to be done. So I bring my car over to him, and he takes a look-see. Not only did he work minor miracles with the old Suzuki, he managed to fix the heater core leak with two tablespoons of black pepper. Yes, you read that right. Apparently, you can put pepper in your anti-freeze and it will go through your coolant system fixing leaks. It does this because of the inherent property of pepper to expand and solidify when dried. Or something like that. Either way, the point is that he could have charged me 800 bucks for that alone, and he ended up fixing it with pepper, and charging me with labor. He pointed out to me some other things I needed to look at, but assured me that it could wait a while longer, and come back when I could afford the various fixes.

He was a lifesaver, and I saved thousands of dollars by getting a second opinion from him. But that doesn't make me feel any better about the whole situation. You see, IT mechanics are just like car mechanics. We prey on the laypeople who are computer illiterate and take our every word as divine nerdy truth. When we tell people they need a new hard drive, they don't even ask why. They just pony up the cash. They need their computers so badly that they pay for anything, and don't stop to get a second opinion or second-guess the knowledge of the mechanic. It's a powerful feeling being respected for your opinion, and abusing that power is  simply part of the status quo best practices of the IT industry. When I deal with car trouble, it's very uncomfortable being on the other side of that playing field. I'm the one that gives expert advice, figures stuff out, and finds deals on things. I'm not the guy who is at the complete mercy of a high-school educated car mechanic.

Every time I feel that pressure of not knowing, I get angry at myself for not being educated about cars and their innards. I mean, cars are really no different than computers. The job consists of troubleshooting a machine made up of various interchangeable and necessary modules, and deciding whether or not to fix said modules or replace them. The difference is mainly in the tools (and the amount of grime). Just like I learned 50% of my IT skillz assembling and disassembling an old computer, the same could be said about cars. I should be able to get an old junk car, pop the hood, break stuff, and fix it again. I see no reason not to be perfectly capable of changing a tire, refilling oil, draining coolant, finding leaks, replacing cables and hoses, etc.  If I can assemble a working motherboard from disparate parts, I can replace a battery. It kills me that I'm making myself pay hundreds or thousands of dollars to do a job that's probably simpler and sometimes even more rewarding than what I already do all day.

This is something I will learn how to do. I can't accept paying so much money for things that I should know how to do, and would most likely even enjoy doing, myself. Over the past few days, I have learned a lot about cars, about engines and coolant in particular, and how maintenance on your car is just as important as keeping your Anti-virus and Windows Updates current; about how flushing your coolant is as important as a defrag and disk cleanup; about how replacing your brake pads is as important as replacing your hard drive every few years; about how putting pepper in your anti-freeze is kind of like.... well, nothing really. That was just friggin' nuts.

So, here's to my pledge to learn how to fix basic car trouble this year. No more getting screwed by Midas for this technologist (I'm not a geek).

P.S. Extra points of you laughed at the picture.

1.13.2010

This Is Why I Love XKCD

Before you embark on this journey of spontaneous cranial combustion, just remember that Randall Munroe, author of xkcd, was an engineer at NASA. Here we go (please click on it to see a bigger version. You're going to need detail for this):

Now, before you click your back button and scoff at the pointlessness of this strip, I urge you to read it a few times, and really think about it. Specifically, think about actually drawing the strip.

I'll give you a minute.

OK, this strip is an example of what we call self-referential recursion. Let's start with the self-referencing part.

Take this sentence: "This sentence has nine characters in it". True or false?

False, obviously. But now change the number so that the statement is true. It isn't easy. I don't think it's actually possible, and this is where the self-referencing part comes in. Read this rule slowly and carefully (lest you mind explode):

The amount of characters actually in the sentence is dependent on the amount of characters in the number of characters there are in the sentence.

Here's how it works. With no number in the sentence ("This sentence has characters in it"), it has twenty-nine characters. But once you put "twenty-nine" in the sentence, you've changed the amount of characters in the sentence, and it is false. The only way to make this true is to change the rest of the sentence around. Even then, it isn't a simple task.

Now, look at the first panel of the comic strip and see it with new understanding. And just in case you're a skeptic, the anally nerdy xkcd forum members have already proven the numbers to be accurate.

OK, got that? Now, off to the second panel. It's very similar in awesome-tude until you realize what's in store in the 3rd panel. Then you realize how much of a crazed genius this guy actually is. It's basically just a bar graph of the amount of black ink per panel, relative to the other panels. We already understand that this is quite complicated to determine, because it's self-referential and all three bars of the graph depend on how much black ink is in the graph itself. I'll let you mull over that one for a bit before we head into the recursion part of this little brain genocide of a webcomic.

OK, on to the third panel. On first glance, it seems a little pointless. He simply drew the strip again, and drew some lines outlining the location of the ink on the page. But now that we understand the point of the last two panels, the absurdity of this one isn't hard to spot. First of all, remember that it's self-referencing. In order for the second panel to be true, the amount of black in the entire comic has to be already known before any of the panels are actually drawn, and the amount of black in the third panel is just a smaller proportion of the already known amount of black in the strip. Are you numb yet?

Because this only gets better.

Most people would simply stop there and bow in nerdy worship of the great and holy Randall, but they miss the final blow to your brain. There's still the recursion to deal with. Let's do this.

Put simply: The entirety of the third panel is true. 


In order to understand this, we need to go back to the first panel. The exact language was: The amount of black in the image. Not in the panel. In the entire strip. It's hard enough to understand when you realize how hard self-referencing calculation can be (which we just did), but the third panel just brings this into a whole new level.

The third panel is infinitely recursive. It contains images of itself, shrinking forever until you reach a number called 1/infinity (a fraction infinitely close to zero). The amount of black ink in each recursive image also shrinks, making a infinite summation. This means that you keep adding a smaller and smaller number to the previous number. For example, if the recursive term is 1/2, then the infinite summation of 1 over 1/2 is : 1 + 1/2 + 1/4 + 1/8 + 1/16 + 1/32 + 1/64 + 1/128 + .... etc. It ends up infinitely close to 2. This what we call the limit of the function f(x)=1/2y as x goes to infinity.

By the way, if you're still keeping up, we're doing calculus now. Be proud.

So, in order for that value in the pie slice of black to be true, it would have to be the limit of an infinite summation of the black ink in each recursion of the strip. So the first panel has to take into account the rate at which the third panel shrinks the strip and thus calculating the limit as the summation approaches infinity, and each "first panel" in the third strip also has to reflect the total proportion of black in the entire image, even as the values of black in each addition gets closer and closer to 1/infinity.

Also, notice that the first panel never mentions the actual amount of black. Only the amount of black in proportion to the amount of white. When it shrinks, the proportions hold true even though it talks about that black in the entire image, because it is a proportion and not a value. The second panel deals with the actual amount of black in each panel. Since it is a graphical representation and not numerical, and it references the black levels in each panel, it holds true in every recursion of the third panel. Thus, the third panel is always true, even as the images get smaller.

So, let's review:

- The strip accurately calculates (in black) the amount of black in the strip.
- This is called a self-referencing calculation.
- The total amount of black in the strip had to have been calculated and known before the strip was even created (i.e. you can't do this with trial and error), which is insanely insane (and redundant).
- Due to the nature of the third panel, the amount of black in the entire strip (which was known before the strip was made) is actually a value that represents the limit of an infinite summation of increasingly smaller values of black in every recursion, and thus, the slices of the pie chart also represent limits of infinite summations. (Read that a few times. Trust me, it makes sense)
- Every recursion of the third panel is true, because of the proportional nature of pie charts, and that graphical bar graphs can be shrunk proportionally and still be accurate.
- Oh, and like I said, analysis has already been done on the black levels in the strip, and it's eerily accurate.

Yes, this is what Randall Munroe finds funny.

And this is why I love xkcd.

1.07.2010

Airport Security and Network Security


Once again, airport security is thrust into the limelight as it suffers an almost catastrophic failure to prevent the presence of explosives on passenger planes. A crackdown is about to ensue on many international flights, customers are in an uproar as ticket prices continue to reflect the security woes, and the lines only get longer. It can only make you feel that something isn't working.

Airport security is in many ways similar to network security. In network security, you have millions upon millions upon millions of data packets wanting access to your network, You know that 99.999% of those packets are just regular old communications going about their regular business, trying not to bother anybody, but needing to arrive on time. You can't rigorously check all the packets, because your network will break. But you have to have some layer of auditing, or else that .001% of data will wreak catastrophic damage on your systems. At this point, network security is all about setting rules that recognize good data and let it through without needless security checks. It's also about recognizing bad data based on signature files provided by Anti-virus products, as well as recognizing behaviors and traits exhibited by typically malignant data traffic. This is a very organic process, changing and growing every day, as dynamic as any human security system, if only on a different scale. Networks have to adapt on a daily basis as the threat environment changes and new technologies create greater and easier exploited vulnerabilities in even the most revered and venerable products on the market.

Security admins rely on religious tracking of log files and constantly educating themselves in the latest security  best practices to properly secure their systems. They know that the battles can be won, but the war is eternal. Unless you are constantly changing and adapting, you will lose the security battle. Every time. Security Admins understand that while performance needs to to take a hit sometimes to ensure good security, there's a fine line between acceptable slowdown and a broken system. Toeing that line is the challenge that ever admin faces, and knowing where to cross that line can mean the difference between uptime and financial ruin.

Also, there is no such thing as a random search of network traffic. You set up rules that flag suspicious traffic, and you can be running a low-level, unobtrusive scan of everything else as it passes through your routers and switches.

This could be a perfect model of how airport security should work. Of the hundreds of thousands of passengers flying on a given day, maybe one has malicious intent towards passengers. Maybe. This is because any attempt at mass destruction and crime on an enclosed airplane at 30,000 ft. is suicidal, and only the most deranged and extreme attempt it. Another little fact: At least 90% of extremist acts of violence done on planes are committed by dark, middle-eastern, Muslim young men. This is simply fact. There is no disputing this. They are being trained to do this overseas, as evidenced by the recent Christmas attack. When you have a clear as water pattern that makes sense, why would you try a random search?

If the logic is undeniable (try to deny it, it isn't really possible), then why are we so bad at making a working system that everyone is happy with?

The answer is little invention called "civil rights." I put in quotations because its usage deserves it. Somehow, it has become a civil right to be assumed innocent, even at the expense of lives. The argument becomes "You can't search me, that's an invasion of privacy! I have rights, you know!" When face with the cold logic of statistics and numbers, this argument is a moot point. If we know that people are pltting to blow up planes, and we know that in even the most conservative estimates, that person will be a dark, Arab, muslim, man, then why are we even having this discussion? And that's just the first fallacy of the argument. It is extremely selfish to think that your "privacy" (if you think that the TSA not knowing what goes on planes is privacy, then you're an idiot for other reasons) should endanger hundreds of lives. This isn't a personal attack on you, this is a precaution to try and stop criminals from killing you. Knowing you're innocent won't convince the TSA of anything. If you try to play the race card and tell me not to assume that just because you're Arab, you're a terrorist, I will play the moron card and tell you that i don't assume you are a terrorist. I assume that a terrorist will be someone who looks a lot like you. Therefore, I need to search you. I don't think you're guilty, but a guilty person would most likely be Arab. There's a big difference. In one, I am a racist. In the other, I am simply making logical and sound decisions on who search based on empirical evidence. It's not offensive, it's smart.

Obviously, we can't go around just searching Arabs. That leaves out the 5 or so percent of the population who would also commit horrible airplane crimes. We account for that 5 percent by doing a low-level, unobtrusive search on everybody. It would ideally be computer-run, would happen in seconds, and you wouldn't have to take your shoes off. I also don't think we need to be strip-searching every Arab. Aside from racial profiling, there is behavioral profiling. If we're not going to search every Arab, than we need to at least focus our behavioral monitoring on that demographic. It's proven to be a successful system in countries like Israel, where terrorism is an every-day threat, and there's no reason why it can't be enforced here in America. It's a lot cheaper than randomly scanning bags in state-of-the-art detection equipment, and it's about as unobtrusive as you can get.

I understand that there's a line somewhere that we're trying not to cross, but the numbers don't lie. We have start thinking like every other security environment, and be logical about our search criteria. Political Correctness is only an excuse until you have impaired an industry so much that half its airlines close their doors  or declare bankruptcy.

The Department of Homeland Security is of the opinion that their responsibility is not to catch terrorists, but  to prevent them doing whatever it is they do. If that means catching them at home or at work, then they've completed their job. That is what they'll tell you if you ask them how many terrorists they've caught at airports. They'll tell you that catching a bomber red-handed is not considered a success, and that's why you don't ever see it happen. They're usually caught long before that. Well, if that's the case, that terrorists aren't supposed to be caught at airports, then why are you spending so much time and money making airports look like border crossings? If you're so confident that you'll catch the bad guys before they sit on a plane, why don't you act like it?

IT security knows very well that giving data the "civil rights" and "privacy" that they deserve "as an American citizen" will end up in a compromised system. They also understand that you can't check all packets indiscriminately. It's about time that the TSA learns from their errors and starts treating security with the logic and know-how it necessitates.