Archive for the ‘blog meta’ Category

Passcodes Redux

Friday, 1 July 2016

To-day, I found myself unable to log-in to this 'blog. I got a diagnostic that I were entering the wrong password. I don’t want to burden my readers with a detailed retelling, but what had actually happened was that an up-date of WordPress rejected my password — it wasn’t that I were entering the wrong password; it was that the password that I was entering was now prohibited.

On top of the login code misreporting the problem, the code for resetting the password wouldn’t tell me why my password was being rejected. But it was rejected for containing a particular sub-string; and when I removed that sub-string, the password was then accepted.

If you understand passcodes (perhaps in part from reading my previous entry in which they were discussed), then you should see that there is something literally stupid in the WordPress software. Let’s say that the forbidden sub-string were 8675309 and that my password were X.52341-hunao-8675309.Y. If I drop the 8675309, the password becomes X.52341-hunao-.Y. That is now accepted, though it is less secure!

If a would-be intruder knew where in the original password 8675309 appeared, and knew the length of the password, then the password would effectively be p₁p₂…p₁₄8675309p₂₂p₂₃ where each pᵢ were an unknown character, and the new password would be p₁p₂…p₁₄p₂₂p₂₃ so that the two passwords would be equally secure! (Either way, an intruder must find a sequence of sixteen unknown characters.) But, as it is, would-be intruders wouldn’t be sure that the sub-string appeared, let alone where in the code it would appear, nor how long the password were. One could, in fact, conceptualize the sub-string 8675309 as if it were a single character of extraordinary length (a macro-character) and of great popularity which character might appear within a string of equal or greater length, in which case prohibiting the sub-string would be rather like prohibiting the use of E.

That’s not to say that common sub-strings should simply be accepted as passwords or within passwords. A great many systems have been hacked because someone foolishly used passwords such as password, root, or batman. But, instead of rejecting a password because it contained a popular sub-string, the software could, for example, test to see whether the password would be secure if the sub-string were excised, in which case it should be at least slightly more secure if the sub-string were retained.

(Note that this approach works with popular sub-strings of any length, including those of just one character! In fact, when there is no upper-limit on the length of passcodes, they may be securely constructed of nothing but popular sub-strings each of which has multiple characters; a secure password could be made by concatenating ten or more of the one hundred most popular passcodes. Mathematically, the problem of using just one popular passcode is fundamentally the same as that of using a short passcode!)
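The check proposed above can be sketched as follows. This is an added example, not WordPress code and not code from this 'blog; it also goes one step beyond the excision test by scoring each popular sub-string as a single macro-character, per the parenthetical note. The list `POPULAR`, the threshold `MIN_BITS`, the 94-character alphabet and all function names are assumptions made for illustration.

```python
import math

# Constructed sample list; a real check would load a large list of popular passcodes.
POPULAR = ["8675309", "password", "root", "batman", "letmein", "dragon"]
ALPHABET = 94      # assumption: printable ASCII characters, chosen uniformly
MIN_BITS = 60.0    # assumption: hypothetical acceptance threshold


def naive_policy(password):
    """The criticised behaviour: reject on any popular sub-string."""
    low = password.lower()
    return not any(p in low for p in POPULAR)


def tokenize(password):
    """Split into (text, is_macro) tokens, trying the longest popular sub-string first."""
    by_len = sorted(POPULAR, key=len, reverse=True)
    tokens, i = [], 0
    while i < len(password):
        hit = next((p for p in by_len if password[i:i + len(p)].lower() == p), None)
        text = password[i:i + len(hit)] if hit else password[i]
        tokens.append((text, hit is not None))
        i += len(text)
    return tokens


def excised(password):
    """The password with every popular sub-string removed."""
    return "".join(text for text, is_macro in tokenize(password) if not is_macro)


def excised_bits(password):
    """Crude strength estimate of what remains after excision."""
    return len(excised(password)) * math.log2(ALPHABET)


def macro_bits(password):
    """Crude estimate with each popular sub-string counted as one macro-character."""
    return len(tokenize(password)) * math.log2(ALPHABET + len(POPULAR))


def excise_policy(password):
    """Accept when the excised remainder alone is strong enough."""
    return excised_bits(password) >= MIN_BITS


def macro_policy(password):
    """Accept when the tokenised password is strong enough, popular parts included."""
    return macro_bits(password) >= MIN_BITS
```

With the password from the text, `naive_policy` rejects it while `excise_policy` accepts it; a bare popular passcode fails both of the latter policies, and only `macro_policy` accepts a concatenation of ten popular passcodes.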

Sometimes, it’s smart programming to write stupid programs, because the costs of designing, implementing, and maintaining more sophisticated software out-weigh the benefits. But, here, the WordPress programmers have opted for cheapness in a way that needlessly thwarts and insults some users, and can actually make systems less secure in those cases. (And the poor diagnostics are simply inexcusable.)

Behind the Veil

Saturday, 28 May 2016

Yester-day, I made the unhappy discovery that seven entries to this 'blog that were intended to be publicly accessible have instead been restricted. Apparently the restriction was caused by a bug in a WordPress plugin or in WordPress itself. The bug doesn’t seem to have bitten since 2010, so I believe that it were resolved by some software up-date.

I used a little MySQL to set things straight, then went over a back-up copy of the dB to identify all the affected entries, so that I could list them here.

Three of the affected entries are simply trivial. One is about poor performance by my previous site host

  • 'Blog Bog [16 March 2008]

and two are about entries to a contest to create types of jelly beans.

  • and why it should win [16 March 2008]
  • Full of Beans [19 March 2008]

Two of the entries are on IT

  • A Useful Bit o' PHP Code, Set Right [16 June 2008]
  • Installing Firefox 3.0 under Red Hat Enterprise Linux 5.x [17 June 2008]

and that second IT entry now has very little marginal value except to someone making odd software choices.

The remaining two entries are also the most recent.

  • A Big Ol' Entry on Patents and Copyrights [20 June 2008]
  • Thoughts on Boolean Laws of Thought [13 February 2010]

I very much regret that the entry on intellectual property has apparently been hidden from most visitors for almost eight years!

Looked and Felt

Thursday, 26 May 2016

Some days ago, people who consume this 'blog by an ordinary visit with a graphics-enabled browser were confronted with different graphics within the header. The prior and present graphics look like this [image of archaic header lettering, white] but, for a while, the graphics looked like this [image of art-deco header lettering, metallic with grey borders] and then like this [image of art-deco header lettering, the larger being metallic with grey borders and the smaller being white with grey borders]

I had been in the mood to try a change. I constructed some new letters of a general form that I like, which used to be popular for the cover titles of pulps and of comic books. I decided to give them a metallic look (which was done by layering gradient fills of blue-grey).

But my big problem with the results was readability, especially of the subtitle. Changing the subtitle fill from a metallic texture to a solid white helped somewhat, but readability still wasn’t what I wanted. The problem was even worse when displayed on my tablet, which resizes images to suit itself and can thereby further blur graphics.

Additionally, though I don’t worry a great deal about the æsthetic opinions of others when it comes to my 'blog, both of the people who expressed a preference expressed it for the prior lettering. (One of them declared the newer graphics to be faux-cool.)

I may not be done with these experiments though. I’ve been thinking of converting the visual theme of this 'blog into a meta-theme, whose graphic components vary, perhaps as a function of time or perhaps randomly or pseudo-randomly.

I have played-around with elements for a distinct presentation to mobile devices, but I note that the screens of typical mobile devices are now fairly large and of high resolution. Meanwhile, the current presentation actually seems pretty good on my agèd cellular phone, which has a screen with a 3.1-inch diagonal, with 480×640 pixels.


Wednesday, 18 May 2016

The extended quiescence of this 'blog has largely been an artefact of my limiting of various activities as I bore-down on critiquing Production of Commodities by Means of Commodities, a work of heterodox political economy by Piero Sraffa. The task has been thoroughly unpleasant, because there is so very much wrong with his work and because he writes in an obscure manner. At the same time, I have been dealing with depression intensified by personal circumstances. Had I allowed myself to step away from the project more than I did, I might never have finished it.

I have not, indeed, finished it; but, on Wednesday morning, I completed a first draft of the article. That draft is now in the hands of some of the other economists whom I know. (Naturally, I have since found things that I want to change, though none of these represent a major issue.) So I think that I will be back to writing more entries here.

One of the economists who has graciously said that he would take a look at the article (not-withstanding that it is monstrous in size!) asked me what motivated my writing of it.

Over many years, I have repeatedly been annoyed by encounters with those who draw upon PoCbMoC. More recently, I have been concerned by increased popular support for administrating economies (which support happens to be egalitarian or quasi-egalitarian); and this book is part of the infrastructure of the experts who defend such administration.

Further, at the time that I finally began actually working on this article, I felt stalled-out in my paper on the axiomata of qualitative probability. (That paper was and is a rat’s nest, in which the basic propositions are not currently each perfectly orthogonal to all others.) In a sense, then, this article on Sraffa’s book was intended as a break, though I quickly discovered that the task was going to be far more onerous than I had presumed.

Production of Commodities by Means of Commodities is the central text of neo-Ricardian economics, and a core text of post-Keynesian economics; it is also an important source for a variant form of Marxism that would abandon the labor theory of value. If I can get my article published in a reputable journal, that publication will eventually be the death of neo-Ricardianism and of the aforementioned variant of Marxism; I don’t know enough about post-Keynesianism to know how well they might do without PoCbMoC. Some of my criticisms are relatively minor, but some of them strike at the heart of the work.

(It took rather a long time to develop my article, but reading it offers the impression of a nearly continuous rain of blows, some dreadful.)

I say eventually because I wouldn’t expect the present admirers to acknowledge how hard they’d been hit, but I’d expect a virtual end to the winning of converts. I don’t know that I can find a journal to publish the article because

  • it is quite long;
  • the mainstream of economists are unfamiliar with PoCbMoC so that
    • editors and reviewers may think it insufficiently significant, and
    • those reviewers most likely to feel sufficiently competent to examine my article are admirers of Sraffa.

I intend never again to pore over a work, even as short as PoCbMoC, when it is discernibly crack-pot. As I told a friend, I have been doing my time on the cross here; let someone else go after other such thinkers. I am capable of original work of significance, and that is how I intend to spend my remaining time qua economist.

This 'blog was begun as I left LiveJournal, appalled by its evolving policies under its second and then third owners. One might reasonably conceptualize this 'blog as a continuation of that which I had at LJ, and some of the entries of this 'blog are recyclings of entries from the earlier 'blog.

None-the-less, this 'blog has become very different from its predecessor. LiveJournal is a social-networking site; part of the reason that it has withered is that its users migrated to more successful social-networking sites. My present 'blog doesn’t work that way. I have recurring readers, but there’s nothing much like the Friends feed of LJ or of Facebook. There is no centralized connector of interests (as on LJ). I have regular readers, but they are likely to use an RSS aggregator (such as Flipboard) and less likely to comment (especially if they are using such an aggregator). I get far more irregular visitors, who are here by way of Google (or of some other search service), grabbing some information, and not so much as visiting any page here other than their entry pages.

So it doesn’t feel appropriate to offer mundanities of the sort that I would relate to a neighbor or to a friend on the telephone. My public entries tend to be things that I imagine strangers would appreciate reading. The restricted entries (basically accessible to friends who followed me as I migrated from LJ) are almost entirely personal; but a reader is required to make a special effort to access them, so they are not about ordinary events; they are usually very personal.

With entries to this 'blog thus typically requiring more thought, there are generally fewer of them, and the 'blog becomes dormant when I cannot — or believe that I should not — give thought to those entries.

Please Stand By

Saturday, 16 January 2016

The server on which this site is hosted is expected to be down for six hours, beginning at 06:00 on 29 January UTC. (In parts of America, that interval begins in the night of 28 January.)

A Matter of No Pinterest

Wednesday, 5 August 2015

A number of visitors have pinned images from this site to their boards at Pinterest. These actions wouldn’t bother me, except that I am very offended with the way that Pinterest attempts to compel visitors to log-into their site to look at boards, and to register an account even to contact them over an issue. Pinterest throws a mask between their content and a visitor (and have tweaked the coding of the mask to prevent its blocking).

I used to have a Pinterest account, but I walked away from it over the demand that I be logged-in to see what my then-girlfriend had pinned to her boards. I find now that Pinterest has the chutzpah to mask the specific set of images from this site pinned to the boards of various of their users.

(Pinterest can drive visits to a site. But I don’t allow such concerns to determine the management of this site.)

In order to obstruct the pinning of images from this site to Pinterest, I have added the tag

<meta name="pinterest" content="nopin" />

to the headers of this 'blog. This obstruction is imperfect, but Pinterest uses Amazon Web Services, and I don’t want to block everything else that does. Nor do I want the code for this 'blog to test each visit to see whether the Pinterest client is attempting to effect a pinning.

Don't Bank on It

Saturday, 25 July 2015

This morning, I discovered that a number of attempts in 2012, in ’13, and in ’14 to breach the security of this 'blog came from an IP number assigned to the Federal Reserve Board (

No, I don’t think that Ben Bernanke and Janet Yellen wanted to crack my site. Rather, I’m pretty sure that a Fed computer was itself cracked, and was operating as a 'bot, for years. 'Cause that’s how our government rolls.

Look and Feel

Thursday, 7 May 2015

Some time within the next few days, I’ll be testing a revision of the visual theme of this 'blog. Things may, at various intervals, get literally ugly. Please bear with me!

If-and-when the revision is completed, on some displays the look-and-feel of the 'blog may seem perfectly unchanged (though that won’t quite be true); but, on wider displays, better use will be made of available space.

If you find that there is a persistent problem with the rendering of this 'blog, then please contact me! Please describe the problem clearly. And, as precisely as you practicably can, please tell me your

  • device (eg, a Dell Inspiron Mini 1012),
  • display-size in pixels (eg, 1024×768),
  • operating system (eg, 64-bit Fedora Core 21, or 32-bit Windows 7 Starter),
  • browser (eg, Opera 12.16)

(If you don’t know some of that stuff, then just tell me what of it you do know.)

For now, I am concerned with how the 'blog is displayed on devices whose display-widths are at least 760 pixels. Later, I will attempt to address how the 'blog is rendered on the lower-resolution displays of some mobile devices.

[Up-Date (2015:05/10): The revised theme is now installed and selected. Again, please let me know if you have problems, and in such case please provide the information listed above.]

To Write, or Not to Write, That Is the Question—

Tuesday, 16 December 2014

I wonder whether I’m engaged in soliloquy. Some people have accounts on this 'blog, allowing them access to restricted entries, but I don’t know that anyone is actually logging-in and reading those entries.

I Know It When I See It!

Saturday, 6 April 2013

Yester-day evening, I was using a publicly accessible WLAN to connect with the Internet. I found my access to this ‘blog blocked by a Norton-branded product, which declared the ‘blog to be pornographic.

Erotica really hasn’t figured large in this ‘blog. You can find the relevant entries with the tag erotica. I think that the two or three entries that caused Norton to damn this thing are specifically my entry of 2 July 2009, my entry of 26 March 2010, and perhaps my entry of 30 June 2010; the entry of 30 January 2011 may have weighed against me as well.

Of these, the entry of 2 July 2009 is the one that most likely set-off alarms. It contains an overtly erotic image (by Carolyn Weltman), and has a key-word of cunnilinctus.[1] Do a Google image-search using that key-word, and a link to that entry is currently the second returned. And, because of a couple of the other key-words in that entry, other images are also found, including one by Karel Šimůnek that many would regard as pornographic.

In the ’50s, the drawings by Joe Shuster in the entry of 30 June 2011 would have been regarded as pornographic, though now the word pornography would typically be regarded as too strong. (Actually, a hundred years ago, many would have insisted that the picture in my entry of 2 February 2011 were pornographic, while now-a-days it could appear in a children’s book without fuss.) Still, the text in that entry contains the term sado-masochistic and there are pictures, and Norton’s classification was probably mediated with weak AI; indeed, once other flags were thrown, the appearance of the word dominatrix in a follow-up entry may have been seen as further PoP.

Most WLANs that filter do so by way of a DNS table. When a browser seeks content located in terms of a URI or of a URL, and that specification includes a domain name, the domain name is converted to an IP number by way of a DNS table. By censoring the table that is used, the WLAN can block domains.

Some people subvert this censorship by way of a proxy server, which is no more than some site that will act as an intermediary, fetching content from the blocked domain. The obvious problem here is that the proxy may be identified and blocked as well.

A better subversion is to use a different table than whatever is being supplied by the WLAN. In particular, one may configure one’s system to use DNS tables provided by Google, or perhaps by some other third party. But be alert that using an alternative DNS table may not be a good idea in other contexts. (For example, when using a subscription ISP that places quotas on content for most sites, but with exceptions.)

[1] The words cunnilinctus and cunnilingus are synonymous in English and in some other languages; but in Latin cunnilinctus referred to the act, while cunnilingus referred to a performer of that act. The latter word acquired its more recent meaning as a result of incompetent posturing (something that has figured more than once in attempts to borrow foreign terms and phrases). Efforts to clean-up this particular mess have repeatedly failed, but I avoid participating in it, by using the word that is both proper English and proper Latin. Hence my use of the less common term.