idlethreat

I just finished Outliers, a book Malcolm Gladwell. The book is fascinating - yet has a rather depressing note to it.

The examples in the book are many and varied, and go from why most Canadian hockey league players are born in January to why most geniuses don’t actually get anywhere in life. It all comes down to one core argument, though: To be successful, be born in the right place, at the right time, to the right family, and then become obsessed with the right thing.

The statistics presented lead inexorably to the conclusion that it takes roughly 10,000 hours to become an expert in a field, and that to get this amount of experience at a young age, such as with Bill Gates, Oppenheimer, and several other individuals mentioned in the book, a person has to be brought up in a certain way, with enough resources to take advantage of that opportunity. Didn’t have the opportunity? Born to a poor family? Sucks to be you.

Looking at it from another perspective, you could take the view that the whole book is one giant apology from a genius for being smart, and that really feels like a slap in the face to someone like me, who centers a large part of their self-worth around being a geek. By golly, if just being smart isn’t good enough to make it, then what is?

In all of that uneasy, anti-intellectual sounding morass, though, there are two dimly shining lights in the text if you look hard enough. The first is that there’s a lot of squandered talent out there, and if we made some adjustments to our society and how we think about success, we could go from having a handful of Oppenheimers in a generation to having hundreds or even thousands.

The second is the idea that, so long as you have an iota of talent at something, it takes 10,000 hours of hard work to become an expert in a field. That’s it. The difference between world-class violinists and people who dabble in their spare time? 10,000 hours. As long as you put that much time into it, you can be an expert, regardless of your background or whatever. If you can forget the rest of the book about social background and ethnic influences, this is a pretty inspiring point. If you lived, ate, and breathed a topic, practicing for 16 hours a day, that means you could be an expert in something in just under two years.

On the other hand… this is also one of the points I take as rather contentious for one very simple reason: Tim Ferris.

Life Hackers

Tim Ferris is the author of ‘The Four-Hour Work Week’ and a reputed ‘life hacker’. He has a degree in neuroscience, is a world-class tango dancer, a national Chinese kickboxing champion, a best-selling author, and mastered the Japanese art of horseback archery, yabusame, in less than a single week. Not two years - five days.

As I underatand it, Tim draws on skills he’s learned from past experience, techniques he’s learned for body hacking, and a keen sense of observation to accomplish these feats. He relates drawing the arrows for reloading to scooping up a SCUBA respirator if you lose it, something he already has wel lingrained. He know that REM cycles ingrain short-term memory to long term, and that we have two per night, so waking up in the middle of the night for practice allows him to double his retention. And finally, he watches - really /watches/ - at what separates the experts from the amateurs. He breaks down their technique, and then just practices the key elements of the experts without going through the messy business of trial-and-error everyone else does.

Some people might say he’s faking it, or that he’s not a ‘real’ expert because he didn’t go up through the ranks like everyone else. But you can’t argue with results. In his final run, he performed flawlessly, riding at a full gallop with a Japanese longbow without holding onto the reins, and hit every single one the targets dead-on.

Has Tim Ferris spent 10,000 hours practicing the skills of a yabusame without realizing it? Or is he an expert at acquiring new skills? Or is the statistical fact that people who have mastered a skill spent 10,000 hours in practice the result of other social-biased, preconceived notions about learning?

What if we could all learn a new skill in a single week? And what if we could provide every student in the world with the same skills at learning, and the same opportunity to learn?

crickel Muddling About

I got a Kindle 2 for Christmas.

Did you know that Google has books in the public domain scanned in, and you can download them in EPUB format, load them right on and go to town? Isn’t that just awesome?!

Consider this: Right now, Google has over 7.5 million books scanned written in English and in the public domain. If I could read those at a rate of one per minute, for 16 hours a day, I’d be finished in… roughly 21 years. And that’s just the free ones I actually can understand. I’ve been threatening to learn to read Japanese and Russian for a while, but if occurs to me now that if I do, I’ll have yet more books to read.

As it is, I already have over 200 books on the thing. Most of them science fiction paperbacks. If you stacked them one on top of another, they’d reach 12.5 feet high. I haven’t had to charge it in a month. Pretty impressive for something that’s only a third of an inch thick.

In a single copy of the New York Times, there is more information than your average medieval peasant was exposed to in their entire life. In the Information Age, you will not be characterized by the amount of information you have available to you. You will be characterized by the quality of information you receive, the choices of what you take in.

Think about that next time somebody sends you another email with a LOLcat in it.

crickel Amusing

Hi everyone! A friend of mine convinced me that I should be putting technical items up on a blog. So without further ado:

Everyone knows that transmitting private data using https is far more secure than using http. But how secure is it, really? There are many different encryption methods that https has available to it, especially in a default configuration. Sometimes, however, you may not have the configuration available to check. And even if you have access, even when you’ve modified your default configuration to be secure, rogue included configuration files may change the ciphers settings on a site-per-site basis. The best way to be sure that your website is configured to use strong ciphers is to test it.

There are many fine tools out there that already fill this need. Some of them, such as Foundstone’s SSLDigger, can even generate and save attractive reports to hand to the administrators. (Red ink is optional.) The fastest way to test your cipher strength, though, is right within your reach at the command line.

There are two applications I’m going to cover here, curl and openssl.

openssl

openssl has many useful commands when it comes to using ciphers. Right now, I’m only going over the two we’re concerned with. The first, of course, is the ‘openssl ciphers’ command, which can fetch you a list of ciphers available on the server. If the cipher isn’t in this list, you can’t even configure your system to use it, so doublecheck what LOW, MEDIUM, and HIGH ciphers you have available first!

openssl cipers -v 'HIGH'

The second command is the openssl s_client. It has a couple quirks. Here’s an example:

echo 'GET HTTP/1.0' | openssl s_client -connect gmail.com:443

Notice that the line starts with an ‘echo’. When s_client connects to a host, it then waits for user input for what it sends to the remote host. It needs to send an appropriate ‘GET’ string in order to fetch data. So we feed that input to it in a pipe, it’s happy, the remote server’s happy, and everybody gets what they’re looking for.

This little command is quite versitile and robust. For instance, you can fetch a remote certificate and check the dates on it like this:

echo 'GET HTTP/1.0' | openssl s_client -connect www.google.com:443 2>/dev/null |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' |\
openssl x509 -noout -subject -dates

What we’re interested in, though, is testing out ciphers.

echo 'GET HTTP/1.0' | openssl s_client -cipher HIGH -connect gmail.com:443

The -cipher option takes a cipherlist and uses only those ciphers. For the the nitty gritty details about what constitutes a cipher list, check ‘man ciphers’ - but you should already have a good idea on this. Remember to make sure and use ‘openssl ciphers’ to check your server specifically if you’re having problems!

curl

One thing that’s important to note is that we’ve found through testing on multiple servers that the curl command does not always use the ciphers given in the arguments. Sometimes it fails and simply continues on with the strongest ciphers available instead. That said, if it DOES use the proper ciper (and you can tell if it does in the verbose output!) it’s more convenient since you don’t have to pipe things at it.

curl --ciphers HIGH -v https://www.google.com

Note that if you’re trying to pipe output to a file, more or less, curl uses STDERR for all its verbose output, and STDOUT for all the. You’ll need to redirect both of them in order to get the whole story.

curl --ciphers HIGH -v https://www.google.com &> test.txt

Using the pipe is even more fun. This redirects STDERR to STDOUT and then lobs them both through the pipe:

curl --ciphers HIGH -v https://www.google.com 2>&1 | less

There are many more options available to curl that can be found in the manual, including authenticating with usernames and passwords, POST variables, change the user agent and even limit the speed to simulate real user scenarios.

Using these commands, you can quickly and easily test your webpage performance under realistic scenarios and record results from ciphers on the command line directly, without having to break out your GUI and get your hands dirty.

crickel Code

Wow. it’s been a while since I posted anything on here. Here’s hoping this one is worth the wait.

I recently came across Synplant and have been using it in its three-week testing mode to see if I liked it enough for purchase. Short and sweet, it’s a pretty damned interesting a fun plugin to explore music.

While digging around in the software, I run across the fact that the Synplant patch files (called .synp) are nothing more than text with minimal formatting and settings for the Synplant application itself:


SynplantPatch: {
Version: 10
Implementation: 10
Name: "AZ Quartet"
ModWheel: 88.18897605 %
Rotation: 0.00000000 degrees
Tuning: +0.00000000 ct
Atonality: 7.26197660 %
Effect: 29.45638895 %
Release: 1.23537318 s
WheelScale: 41.46341383 %
VelSens: 50.00000000 %
Volume: -9.32751660 dB


“Well damn,” I thought to myself “I can probably write up a random sound generator with that”. So, with a bit of hacking and some Python, I did.

The resulting application is named GeneticModification for Synplant. It seems to work pretty much 100% with v1.0.1 (154) with no crashes or problems with the synth.

If you want to download and check it out, please get it from [[right here]]. You will need Python 2.6.1. To make it work, run the script by itself. It will create a new, randomly named patch for you in the current directory. Keep running the script over and over to make more patches to play with.

If you just want to check out some of the patches that GeneticModification makes, I’m also making available a set of free randomly generated Synplant patches. You can download the patches from [[download patches]]

That should be enough to get you running. Remember this script is extremely early in its development cycle, so check back to see if and when I get new features for it.

Enjoy the new sounds that it makes! If you end up making some great stuff, send me a copy!

Cheers,

tom

Quick Edit!

Since Python isn’t default on any Windows systems, I’ve lovingly hand crafted up a GM For Windows. This can help you out if that happens to be your OS of choice. MD5 is 67da86bce4841dc028bc48d1199029a1 and I’ve personally tested it on 32 bit XP without any issues.

Enjoy!

tgiles Uncategorized

View Larger Map

This year’s vacation extravaganza had our resident geek flying from Kansas City out to the west coast for two weeks of vacation goodness. Some take-aways from the vacation:

• Take a two week vacation. Seriously. Stop splitting your vacation time, a long weekend here and there, and mabbie a week during the summer.take the whole damn time off all at once. Go out of the country, go somewhere completely different and enjoy the hell out of yourself. You deserve it.
• Even in the middle of summer you will need long sleeves and a jacket in San Francisco. Brr.
• In-n-Out burger is OK. Not the “so great god must have dipped his balls in it” that I’ve heard, but good. I like the fries.
• Tomtom GPS receivers are so good you will want to weep openly. Go ahead, you’re among friends.
• Tomtom GPS receivers will somehow make you drive by the only Best Buy in the region every time. Spooky.
• “It’s a dry heat” is a lie.
• Deserts are neat for about 5 miles.
• A good titty show is about 70 bucks for two. Production is surprisingly good.
• You will leave something behind. That’s ok.

Ok. that’s all I got. Now to find something new to start coding on.

Cheers,

tom

tgiles Uncategorized