Thursday, December 27, 2012

Facebook Thinks I'm A Taliban

Facebook is giving me an identity crises
...At least that was the joke I made to my wife this morning when I saw the post below. The reply was "See, I always told you that you're on some list." A joke in poor taste and a much-needed chuckle after a busy and frantic holiday weekend. The amusement was short lived as I read some of the amazingly ignorant and shameful comments. This isn't a political blog, and I have no interest in politics- however, some of the comments were shameful in their level of xenophobia.

Now, I have a twisted sense of humor for sure. I'll throw pretty much any ethnic group (including my own) under the bus for a good laugh. But there wasn't a whole lot of laughing going on at the link I clicked on. It seems like I was the only one who found it amusing.

Clearly Facebook has a bug in their keep-stupid-ads-in-your-face algorithm, which decides what stupid ads to show you. Since I don't speak Arabic, I'm just going to assume that the ad they tried to show me stands for everything I'm against, and vice versa. Whatever algorithm that should have been deciding to show me bacon or boobs was clearly malfunctioning this morning.

Facebook must be getting ready to turn up the heat up on a big advertising push or something. It seems like those "suggested posts" have been gradually getting more annoying. My Aunt Bertha likes M&M's. Thanks for keeping that front and center in my news feed for the last 2 weeks!

Saturday, December 15, 2012

It's time to fix DNS

The Domain Name System- DNS- has been with us since the dawn of the Internet. It's one of the simpler protocols. You give it a name like "" and it gives you the IP address of that domain. Sounds simple, right? The way DNS works is actually fairly elegant, especially considering its age. It's a hierarchy, where each DNS server can kick the request up the chain of command, until an "authoritative" server-one which has the authority to speak on behalf of that domain- is found. But the functionality is simple conceptually: give DNS a domain name and it gives you back an IP address. That is supposed to be its only function.

What DNS has turned out to be, though, is the main front in the war to control what you, the Internet user, can see, interact with, and more importantly, purchase. Governments want to tinker with DNS to bring about censorship. They can for example redirect you to a warning page if they don't want you to visit That's pretty scary to type in a web address and see a large government logo warning you that you can be arrested, fined, tortured and so forth, just for visiting this so-called illegal content, the legality of which can even vary from place to place.

Corporations and large commercial interests like the entertainment industry also wish (intend) to use DNS for censorship. It's a different form of censorship from what governments do, but that's what it is - censorship. Instead of "illegal" bits of 0's and 1's, they would censor you from "infringing" content. Doesn't sound too scary so far, right? If we can use DNS to stop people from visiting child porn sites or downloading a movie without paying for it, then it's a small price to pay, right?

No, for a number of reasons. First off, there isn't and mostly likely won't ever be accountability for getting it wrong. There's just too much temptation and potential for abuse. Think about it: If it's in a company's best financial interests to abuse something, and there's no consequences to abusing it, then it's simply human nature. Your daughter will do a book report on the book Little Women, and the automated repress-o-matic system (tm) will incorrectly flag your content as unacceptable. And that'll be it. Without due process to protect you, the burden of proof is now on you to show that your book report isn't kiddie porn.

Or you might be a writer. You write a story, put it on your blog and some huge content mega-conglomerate simply flags your content as its own. Why? Maybe you made some reference to something copyrighted, even one that's considered fair use. Your work is no longer accessible. This kind of thing already happens to some extent. But add DNS censorship to the mix, and not only will some mega-corporation claim your content, but now when users type in the address for your web site, they are directed to an FBI logo telling that user that they are visiting an infringing web site. Left unopposed, these huge content providers will claim all content in existence, and turn the entire Internet into a pay-for broadcast medium where everything you click on deducts from your bank account.

It's already happened where a web site which was found legal by the court of the country it was operating in was set to redirect to a scary US government logo page informing those users that they were trying to visit an illegal site. They could do that because the US controls the DNS infrastructure, much to the chagrin of the rest of the world. So, it's already starting to happen. It's just a matter of time before scenarios like powerful people and companies using it to silence critics or harm their competition.

But in a sense, it doesn't matter. All DNS does is simply map a name to an IP address. It's a simple protocol. If people stop using/trusting it (which is already happening) then they will just trade those mappings as another form of illicit information. It's still a meaningful form of censorship, but it's debatable whether it's a viable one.

The problem with using a common Internet protocol as a tool of censorship, is that it essentially breaks the Internet, in this case in a misguided attempt to enact a form of censorship that's easy to bypass. A famous nerd, John Gilmore once said: "The Net sees censorship as damage and routes around it." So, by breaking the Internet, they are only forcing its improvement by driving innovation.

The problem with DNS, and the main reason it needs to be overhauled, is that it's one of the few centralized points in the mostly decentralized Internet. Take away the enormous DNS cash cow of ICANN away, with the behind-the-scenes control that goes with it, and the Internet is pretty much just a bunch of computers all connected straight to each other, without a need for any central authority to mediate those connections. Somewhere along the line, this simple protocol became about controlling you, the user.

Decentralize DNS, Pretty Please, And Pronto!

Before we address other problems with DNS, we first need to think of decentralizing it. There's really no choice. The Utopian central authority doesn't exist, and besides, it's already starting to fray at the seams. If we do nothing, my guess is that DNS is going to just dissolve. At that point, the Internet will be less useful.

There are people already working on this problem. Solutions like ODDNS look promising.

Now, Make DNS More Secure

A protocol this important needs to be encrypted. If you can't DNS it to give you the address of something or a financial institution, we're all pretty much screwed. It's almost too late for us not to use the Internet for our sensitive financial information.

The solution of course lies in encryption. Personally, I wouldn't trust SSL for the job, as it also needs an overhaul. But maybe the next generation of SSL, if there is one, would work. Whatever we use should have a really big key size too. Otherwise, anyone with a supercomputer could go right back to tinkering with it.

I would also make it algorithm agnostic, meaning that it should work with whatever encryption algorithm is the most secure at any given time.

I would also make it only use open source encryption algorithms.

Just like for decentralization, there are lots of people already working on DNS encryption solutions, such as DNSCrypt.

How Will It Play Out?

That's the million dollar question. Governments, corporations and international organizations like the ITU are all vying for centralized control over DNS. This should make it clear to anyone with half a brain that DNS cannot be allowed remain centralized, lest the Internet decay into a bunch of so-called "darknets." Traditionally, technical policy is made by those with the least amount of technical understanding. We need to look to another segment, the people who invented DNS in the first place; the Nerds. Outdated protocols like DNS need to be modernized, and pronto. Otherwise, everything we Nerds built will be turned into a paywalled sandbox, with content only suitable for the lowest common denominator.

It is my sincere hope that the Nerds will continue to mobilize, and pull the rug out from under these assholes. Fix DNS now, please, and thanks in advance.

Wednesday, December 12, 2012

Unboxing A New SSD: The OCZ VTX3MI-25SAT3-240G Vertex 3

OCZ VTX3MI-25SAT3-240G Vertex 3 SSD
Yep, it came with an "I <8 my SSD" sticker
Yesterday my new OCZ SSD arrived, and I wasted no time putting it to work. Since I do all my work using virtual machines, all I had to do was copy a file to the new drive and then boot up my work machine from the SSD! Bam!

So about 30 minutes after opening the package, I was compiling our .NET based insurance policy management system project. This was purchased for me by the company, and I got to thinking that even if it only survives 6 months, it's still worth the $179 the company paid for it.

Will it be reliable? That's the question in my mind. But if it's not, well then it sure is fast until it craps out. I understand a lot of huge data centers are moving to SSD, even with the fact that they don't have the same lifespan as spinning platter based drives. And now, I can see why.

Having my work VM run off of this new SSD turned it into a real beast. The VM has 2 cores (of 6) devoted to it, as well as 4 GB of memory and now its own SSD. The memory and SSD upgrades cut my compile time in half of my big projects as well as making the machine itself much, much snappier.


OCZ VTX3MI-25SAT3-240G Vertex 3 SSD mounted to 3.5 inch adapter plate
It comes with a cool adapter to mount it into a desktop case

OCZ VTX3MI-25SAT3-240G Vertex 3 SSD with tape holding it on
My Antec case has these little drawers that slide out for drives

OCZ VTX3MI-25SAT3-240G Vertex 3 SSD with tape holding it on was either tape or a drill, and I chose tape

OCZ VTX3MI-25SAT3-240G Vertex 3 SSD mounted in Antec 900 case
Here it is mounted in my Antec 900 case

OCZ VTX3MI-25SAT3-240G Vertex 3 SSD mounted in Antec 900 case with green light
It's got a green light on it

Tuesday, December 11, 2012

Android Explained: File Associations

File ... what?

File associations are a relic of modern computing, where most data is stored in the form of files. Each file has a name and resides in a directory. Because there were no universal formats for storing data, or even for determining the type of data contained within the file, operating systems began encoding the type of data into the file name itself, by adding a "." and then a code describing the type of data contained in the file. Most seasoned users would recognize the now common ones like .TXT (text file) or .EXE (application).

Now, with a semi-universal scheme of file extensions, it because much easier to know what computer program(s) a file belonged to. Just so long as the format of the data in the file matches the semi-universally-accepted file extension, everything works without a hitch. In practice it's not as bad as it sounds.

So, a file association is just a list of a program or programs (if you're under 30, call them "apps" instead) which are believed to be able to read a file of that format. It's no guarantee, but most of the time it works.

Here Comes Android

Android File Association Prompt
File associations shown if there's no default selected
For decades, Windows has handled this smoothly and effectively. But Windows had a long, long time to get it right. Android is still fairly new, and it doesn't seem like they thought this through all the way.

In Android, an app registers its intent to work with a certain kind of data. So for example, a video player might register for one or more video formats, like MP4, AVI, etc. When you open a file in Android, the system looks through a list of apps which can work with that data, just like the system does in Windows.

Changing File Association Defaults in Android

The difference then is that where the default application for a file format is stored with the system itself in Windows, in Android its assigned to the app which is the default for that data type. So, when you open an AVI file, Android looks through all the apps registered for that data format (actually MIME type in nerdspeak) and looks at each one to see if it is the default app. This seems a little clumsy to me, but at least it's done seamlessly to the user.

BUT .. what if YOU the user want to change this default association? The answer is that you have to see what app launches, go into settings and then choose "apps" or "app management" on the settings menu, find that app, and manually clear that default association. At that point the system will start asking you from a list of candidates, until you choose another default.

Android File Association For App
In Android, the default file association belongs to an app, and you have to find that app to clear it!

Monday, December 3, 2012

Cat Signal: The Internet Defense League

Yesterday we received the "Cat Signal" and activated it on our site.

With the freedoms we enjoy on the Internet besieged from all sides from governments and corporate interests, it's nice seeing an organization like the IDL take up the banner on behalf of the Interwebs. It is absolutely vital that we stand our ground, so to that end, NerdJargon proudly supports the IDL.

One voice doesn't do much, but they've already heard our collective voices. They pulled the tiger by the tail with SOPA, so now let them hear us continue to roar!

Visit the Internet Defense League here, and tell the ITU to keep its grubby paws off our Interwebs.