Privacy (notes on how to have it)

TODO: break this up into digestible chunks.

See also: ssh, gpg, email for tedious technical details of those particular tools.

Now, the screed:

Privacy is a relative, incremental thing.
Let’s think about upping the level of basic security around ourselves from
the current social norm,
(which, unless you are taking steps, is roughly equivalent to all of us standing
naked on the street corner shoving endoscopes up our arses while screaming out
our credit card numbers as a musical accompaniment)
to basic safety and sanity.
This won’t require wearing tin-foil hats and living in a bunker, merely pulling
out the endoscopes.
Basic dignity first, and leave the freaky spy shit
to people with the appropriate
personality defects.

This will be more tedious than we’d like, because the world is badly designed,
but let’s start with what’s achievable, and work towards making it easier next
time, eh?

Practically, first step, I would like to minimise the
amount of information complete strangers get about me for free.
For example, I would prefer the mafia not to be able to buy stuff with my
credit cards, I’d prefer my personal relationships are not used to sell crap to
me, I’d prefer not to release those awkward photos from when I had a pony tail.
Broadly, some
stuff I’d like to keep private, some stuff I’d like to share, and some stuff,
I’m happy to share, but only for the right price or with the right organisation;
I simply want to assign my personal information to the better categories, and
at a better price point.
And by “better”, I mean, “not selling the foundations of functional
democracy for all future times to unaccountable interests for effectively a few
dollars a year.”

How we could do it better later

(I give you permission to despair if you can do it amusingly;
I’d prefer amusingly with hope.)

vinay gupta:

GPG and HTTPS (X509) are broken in usability terms because the conceptual
model of trust embedded in each network does not correspond to how people
actually experience the world.
As a result, there is a constant grind between people and these systems,
mainly showing up as a series of user interface disasters.
The GPG web of trust results in absurd social constructs like signing parties
because it does not work and creating social constructs that weird to support
it is a sign of that:
stand in a line and show 50 strangers your government ID to prove you exist?
Likewise, anybody who’s tried to buy an X509 certificate (HTTPS cert) knows
the process is absurd:
anybody who’s really determined can probably figure out how to fake your
details if they happen to be doing this before you do it for yourself, and of
the 1500 or so Certificate Authorities issuing trust credentials at least one
is weak or compromised by a State, and all your browser will tell you is
“yes, I trust this credential absolutely.”
You just don’t get any say in the matter at all.


The best explanation of this in more detail is the Ode to the Granovetter
Diagram which shows how this different trust model maps cleanly to the
networks of human communication found by Mark Granovetter in his sociological
We’re talking about building trust systems which correspond to actual trust
systems as they are found in the real world, not the broken military
abstractions of X509 or the flawed cryptoanarchy of GPG.

How we could do it better now

So, some baby steps towards a healthier privacy regime.
I am going to list some
techniques that have aroused my attention.
Later I will triage them according to how urgent is the priority of the privacy
leak they plug and how onerous to handle; e.g. something like:

  1. first keep my credit card details out of the hands of the mafia, then
  2. keep gratuitous personal data out of the hands of unscrupulous corporations, next
  3. keep nude selfies and pony tail pics out of the hands of future employers
  4. keep personal data out of the hands of prying foreign security agencies
  5. keep personal data out of the hands of prying local security agencies

These reflect my personal needs;
if you are actually a person of specific
interest to state security agencies, or a mafia credit card thief, you will
probably have different ones.

  • Prism break is a chaotic list of solutions.
    Excellent reference, although it really needs to incorporate some idea of how
    popular their suggested solutions are;
    after all, most of these things are only of any damn use if your friends also
    use ‘em.

  • quick guide to the basics of encryption (or how about one with stick figures)

  • logins. Don’t login with facebook and google.
    There might be better alternatives in the future. But for now, just don’t.

  • VPNs

  • Synchronising files is worth its own page.

  • password managers

    • blah
  • search engines

  • browser tracking

  • Other tracking

  • social networks

  • tcpcrypt is a protocol that
    attempts to encrypt (almost) all of your network traffic.
    Unlike other
    security mechanisms, Tcpcrypt works out of the box: it requires no
    configuration, no changes to applications, and your network connections will
    continue to work even if the remote end does not support Tcpcrypt, in which
    case connections will gracefully fall back to standard clear-text TCP.
    Install Tcpcrypt and you’ll feel no difference in your every day user
    experience, but yet your traffic will be more secure and you’ll have made
    life much harder for hackers.

  • Chatting…
    The ephemeral nature of chats turns out to be potentially much more
    practically secure
    than email, at least if you do it right.

    Skype, however, does not do it; rather, it is an NSA honeypot.

    Here are some attempts to do it right:

    • General theory

    • Cryptocat is an open implementation

    • Wickr is not open source but looks interesting

    • broader, group communications are nice to have, no? Dissent is one
      fashionable open-source entrant with good academic credentials:

      Dissent’s technical approach differs in two fundamental ways from the
      traditional relay-based approaches used by systems such as Tor:

      • Dissent builds on dining cryptographers and verifiable shuffle algorithms
        to offer provable anonymity guarantees, even in the face of traffic
        analysis attacks, of the kinds likely to be feasible for authoritarian
        governments and their state-controlled ISPs for example.
      • Dissent seeks to offer accountable anonymity, giving users strong
        guarantees of anonymity while also protecting online groups or forums
        from anonymous abuse such as spam, Sybil attacks, and sockpuppetry.
        Unlike other systems, Dissent can guarantee that each user of an online
        forum gets exactly one bandwidth share, one vote, or one pseudonym, which
        other users can block in the event of misbehavior

      Dissent offers an anonymous communication substrate intended primarily for
      applications built on a broadcast communication model: for example,
      bulletin boards, wikis, auctions, or voting. Users of an online group
      obtain cryptographic guarantees of sender and receiver anonymity, message
      integrity, disruption resistance, proportionality, and location hiding.

  • email: see email.

  • Financial transactions.
    Sick of your financial data being used to find out things about you that even you didn’t know?
    Try to pay more cash or bitcoins.

    • bitcoins have a thriving,
      often slightly socially awkward tin-foilish community, but are useful.
      They have lots of howto guides and pro-tip functions,
  • running your own servers can potentially be less convenient for the panopticon:
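
The dining-cryptographers construction that the Dissent description above builds on, as an added example (not Dissent's code): one XOR-based round in which every pair of members shares a pad, so the combined broadcasts reveal the message but not which member sent it. Member names, `SLOT_LEN` and the HMAC-derived pads are assumptions made for illustration; Dissent's verifiable shuffles and accountability layer are not modelled.

```python
import hashlib
import hmac
import secrets
from itertools import combinations

SLOT_LEN = 32  # bytes broadcast by each member per round (constructed value)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_pad(shared_key: bytes, round_no: int) -> bytes:
    """Derive this round's 32-byte pad from a pairwise key (one HMAC-SHA256 block)."""
    return hmac.new(shared_key, round_no.to_bytes(8, "big"), hashlib.sha256).digest()


def setup_pairwise_keys(members):
    """Give every pair of members one shared secret (stand-in for a key exchange)."""
    keys = {m: {} for m in members}
    for a, b in combinations(members, 2):
        keys[a][b] = keys[b][a] = secrets.token_bytes(32)
    return keys


def member_output(name, keys, round_no, message=None):
    """What one member broadcasts: XOR of all its pads, plus its message if it sends."""
    out = bytes(SLOT_LEN)
    for shared_key in keys[name].values():
        out = xor_bytes(out, round_pad(shared_key, round_no))
    if message is not None:
        if len(message) > SLOT_LEN:
            raise ValueError("message longer than one slot")
        out = xor_bytes(out, message.ljust(SLOT_LEN, b"\0"))
    return out


def run_round(members, keys, round_no, messages):
    """messages maps sender name -> bytes. Returns (per-member broadcasts, combined slot)."""
    broadcasts = {m: member_output(m, keys, round_no, messages.get(m)) for m in members}
    combined = bytes(SLOT_LEN)
    for value in broadcasts.values():
        # Each pairwise pad appears in exactly two broadcasts, so it cancels here.
        combined = xor_bytes(combined, value)
    return broadcasts, combined


if __name__ == "__main__":
    members = ["alice", "bob", "carol", "dave"]  # constructed group
    keys = setup_pairwise_keys(members)
    broadcasts, slot = run_round(members, keys, 1, {"carol": b"meet at noon"})
    for name, value in broadcasts.items():
        print(name, value.hex())  # every broadcast looks random, the sender's included
    print("combined:", slot.rstrip(b"\0"))
    # Two senders in one round collide: the slot holds the XOR of both messages.
    _, clash = run_round(members, keys, 2, {"alice": b"AAAA", "dave": b"BBBB"})
    print("collision:", clash.rstrip(b"\0"))
```

The collision case shows why a bare DC-net needs a scheduling step to decide who may use which slot: any member can garble a round just by transmitting.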

More exotic things and general reading about stuff I should probably bother to understand:

Academic stuff to read to stay paranoid

  • Genkin, D., Shamir, A., & Tromer, E. (2013). RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis. Cryptology ePrint Archive, Report 2013/857, 2013. Online.

    Yes, that’s right, deducing your password by listening to your computer.
    But it gets worse:

    Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be
    performed by measuring the electric potential of a computer chassis.
    A suitably-equipped attacker need merely touch the target computer with his
    bare hand, or get the required leakage information from the ground wires at
    the remote end of VGA, USB or Ethernet cables.

    Maybe don’t read this if you are working on reducing your background paranoia.

  • Roth, A. (2014). The Algorithmic Foundations of Differential Privacy. Now Publishers. Online.

    The mathematical foundations of doing stuff privately.
    I hope someone else is reading this so that I don’t have to.

  • Sarigol, E., Garcia, D., & Schweitzer, F. (2014). Online Privacy as a Collective Phenomenon. arXiv:1409.6197 [cs]. Online.

    Your friends have already disclosed secrets about you by disclosing they know
    you on social media, secrets that will be further disseminated by random grad
    students in Switzerland when the social media company goes bust.

See original: The Living Thing Privacy (notes on how to have it)

Email (doing it better, or not doing it at all)

Email. What a disaster. Wastes time. Hard to secure. Totally necessary.

Some seek to avoid it entirely

But being realistic, we are already locked in to email. So, how can we minimise the harm?

  • Sexy open-source alternative email client mailpile tries to be hackable and secure.
  • google mail exists, but that is about selling my personal data to faceless
    foreign corporations, so no. Unfortunately my contacts still insist on using
    it, so my information is still ultimately being mined. Note to self: have
    fewer friends.
  • gpgtools will upgrade even Apple Mail to be a bit more encryptey, as in, at least they have to work at it.
  • At least get email from someone who is not paying their costs by abusing your personal data, e.g.

See original: The Living Thing Email (doing it better, or not doing it at all)


Parentheses and the beauty curve.

  • the many faces of temporal recursion

  • Notes from the Metalevel: An Introduction to Computer Composition by Heinrich Konrad Taube, uses old school LISP.

  • overtone is a port of supercollider to clojure, and very hip right this second.

  • Fluxus is a rapid prototyping, playing and learning environment for 3D graphics, sound and games. Extends the Racket language with graphical commands and can be used within its own livecoding environment or from within the DrRacket IDE.

  • impromptu and extempore are the brainchildren of Andrew Sorensen:

    Extempore is a programming language and runtime environment designed to support ‘cyberphysical programming’. Cyberphysical programming supports the notion of a human programmer operating as an active agent in a real-time distributed network of environmentally aware systems. The programmer interacts with the distributed real-time system procedurally by modifying code on-the-fly.

    Extempore provides a completely hotswappable runtime environment with a strong temporal semantics, a flexible concurrency architecture, builtin support for distributed heterogenous operation (both OS and Architecture), and aims to provide flexible compiler-as-a-service functionality. Extempore makes extensive use of the LLVM project to provide back-end code generation.

  • Sorensen, A., & Gardner, H. (2010). Programming with time: cyber-physical programming with impromptu. In ACM Sigplan Notices (Vol. 45, p. 822). ACM Press. DOI. Online.

See original: The Living Thing Art LISP

New Media art

My working definition:

Art made using any medium \(X\) such that in every art school, the Department of \(X\) is less than 50 years old.

Alternative definition:

Anything that science fiction of the 1930s to 1980s hypothesized we’d be doing In The Future, and we finally got around to doing it.


Stuff that is hard to get funding for because it looks suspiciously like video games, perhaps because it is video games.

See generative art for my personal favourite strand thereof.

Let me excerpt Near Future Laboratory’s criteria for new media art:

  • It doesn’t work
  • Your audience “interacts” by clapping/hooting/making bird calls/flapping their arms like a duck or waving their arms wildly while standing in front of a wall onto which is projected squiggly lines
  • Your audience asks amongst themselves, “how does it work?”
  • It’s just like using your own normal, human, perfectly good eyeballs, only the resolution sucks and the colors are really the heat from the CPU fan is blowing on your forehead which makes you really uncomfortable and schvitz-y
  • Someone in your audience wearing a Crumpler bag, slinging a fancy digital SLR and/or standing with their arms folded smugly says, “Yeah..yeah, I could’ve done that too..c’mon dude..some Perlin Noise? And Processing/Ruby-on-Rails/AJAX/Blue LEDs/MaxMSP/An Infrared Camera/Lots of Free Time/etc.? Pfft… It’s so easy…”
  • Someone in your audience, maybe the same guy with the Crumpler bag and digital SLR excitedly says, “Oh, dude. That should totally be a Facebook app!”
  • It’s called a “project” and not a “piece of art”
  • Your audience cups their hands over various protuberances/orifices at or nearby your project attempting to confuse/interact with the camera/sensor/laser beam, even if it uses no such technology
  • There are instructions on how to experience the damn thing

See original: The Living Thing New Media art

Rethinking biodiversity governance through the analysis of socio-ecological dynamics

This article proposes avenues for rethinking the governance of nature, particularly in urban spaces, based on the study of the different representations of nature, their social construction, and the way they structure power relations between actors.

Indeed, new planning policies favourable to biodiversity clash with the representations socially constructed over recent decades, which regard certain spaces (the city) as entirely dedicated to humans, and this often leads to conflict.

We argue here for critical analysis of the societal processes that lead to these conflicting conceptions of nature, by taking into account the interactive dynamics between the human and non-human actors of the system. Such research could contribute to resolving potential socio-ecological conflicts.

See original: VertigO - la revue électronique en sciences de l'environnement Rethinking biodiversity governance through the analysis of socio-ecological dynamics


Clojure

Very trendy functional LISP-derivative.
Totally the hotness in generative art right now.

  • tutorial
  • Computational design tools for Clojure/ClojureScript
  • Co(de)Factory is a collaborative open source 3d rendering art-object making machine for the Barbican.
  • lighttable is an IDE for clojure designed from the ground up to do freaky spacecode shit
  • overtone is a port of supercollider to clojure, and very hip right this second.
    • leipzig is a composition library for it that makes clojure usable

See original: The Living Thing Clojure

Standards hell

See also Thomas Schelling, Peyton Young, and many other engineering and
economics papers I haven’t heard of yet.
Minimum power principle.
Economics of standards.
Partial contracts.

Martian headsets:

[…] this is where Jon Postel caused a problem, back in 1981, when he coined
the robustness principle:
“Be conservative in what you do, be liberal in what you accept from others.”

[…] Postel’s “robustness” principle didn’t really work. The problem wasn’t
noticed for many years. In 2001 Marshall Rose finally wrote:

Counter-intuitively, Postel’s robustness principle […] often leads to
deployment problems.
Why? When a new implementation is initially fielded, it is likely that it
will encounter only a subset of existing implementations.
If those implementations follow the robustness principle, then errors in
the new implementation will likely go undetected.
The new implementation then sees some, but not widespread deployment.
This process repeats for several new implementations.
Eventually, the not-quite-correct implementations run into
other implementations that are less liberal than the initial set of
The reader should be able to figure out what happens next.
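
Rose's scenario above, as an added example that is not from the quoted article: a constructed length-prefixed frame format (the `MSG <n>` header, both encoders and both parsers are assumptions made for illustration) in which a liberal receiver hides two sender defects that a strict receiver later rejects.

```python
import re

# Constructed wire format: b"MSG <byte length>\r\n" followed by a UTF-8 body.
HEADER_RE = re.compile(rb"MSG (0|[1-9][0-9]*)")


def encode_correct(text: str) -> bytes:
    body = text.encode("utf-8")
    return b"MSG %d\r\n" % len(body) + body


def encode_buggy(text: str) -> bytes:
    # Two defects a new implementation might ship with:
    # a bare LF line ending, and a length counted in characters instead of bytes.
    return b"MSG %d\n" % len(text) + text.encode("utf-8")


def parse_liberal(frame: bytes) -> str:
    """'Liberal in what you accept': tolerate LF or CRLF and ignore the declared length."""
    header, sep, rest = frame.partition(b"\n")
    if not sep or not header.rstrip(b"\r").upper().startswith(b"MSG"):
        raise ValueError("no recognisable header")
    return rest.decode("utf-8")


def parse_strict(frame: bytes) -> str:
    """Accept only frames that match the format exactly."""
    header, sep, body = frame.partition(b"\r\n")
    if not sep:
        raise ValueError("header not terminated by CRLF")
    match = HEADER_RE.fullmatch(header)
    if match is None:
        raise ValueError("malformed header")
    declared = int(match.group(1))
    if declared != len(body):
        raise ValueError(f"length mismatch: declared {declared}, got {len(body)}")
    return body.decode("utf-8")


def interop_report(text: str) -> dict:
    """Run every sender against every receiver and record the outcome."""
    report = {}
    for sender, encode in (("correct", encode_correct), ("buggy", encode_buggy)):
        for receiver, parse in (("liberal", parse_liberal), ("strict", parse_strict)):
            try:
                same = parse(encode(text)) == text
                report[(sender, receiver)] = "ok" if same else "corrupted"
            except ValueError as exc:  # UnicodeDecodeError is a ValueError too
                report[(sender, receiver)] = f"rejected: {exc}"
    return report


if __name__ == "__main__":
    # "héllo" is 5 characters but 6 UTF-8 bytes, so the buggy length is wrong.
    for pair, outcome in interop_report("héllo").items():
        print(pair, "->", outcome)
```

Tested only against the liberal receiver, the buggy sender passes every check; the defects surface the first time it meets the strict one.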

See original: The Living Thing Standards hell

Machine vision

Practical tips, tricks and algorithms.

See also deep neural networks, Markov random fields and synestizer.

  • scikit-image is a collection of algorithms for image processing. It is available free of charge and free of restriction. We pride ourselves on high-quality, peer-reviewed code, written by an active community of volunteers.

  • Mahotas: Computer Vision in Python is a library of fast computer vision algorithms (all implemented in C++) operates over numpy arrays for convenience.

  • ilastik (also python)

    the interactive learning and segmentation toolkit

    ilastik is a simple, user-friendly tool for interactive image classification, segmentation and analysis. It is built as a modular software framework, which currently has workflows for automated (supervised) pixel- and object-level classification, automated and semi-automated object tracking, semi-automated segmentation and object counting without detection. Most analysis operations are performed lazily, which enables targeted interactive processing of data subvolumes, followed by complete volume analysis in offline batch mode. Using it requires no experience in image processing.

  • openCV is released under a BSD license and hence it’s free for both academic and commercial use. It has C++, C, Python and Java interfaces and supports Windows, Linux, Mac OS, iOS and Android. OpenCV was designed for computational efficiency and with a strong focus on real-time applications. Written in optimized C/C++, the library can take advantage of multi-core processing. Enabled with OpenCL, it can take advantage of the hardware acceleration of the underlying heterogeneous compute platform. Adopted all around the world, OpenCV has more than 47 thousand people of user community and estimated number of downloads exceeding 9 million. Usage ranges from interactive art, to mines inspection, stitching maps on the web or through advanced robotics.

  • simpleCV is an open source framework for building computer vision applications. With it, you get access to several high-powered computer vision libraries such as OpenCV – without having to first learn about bit depths, file formats, color spaces, buffer management, eigenvalues, or matrix versus bitmap storage. This is computer vision made easy.

See original: The Living Thing Machine vision

Concurrency hell

Asynchrony, robustness-under-failure, distributed calculation.
Tricks for doing lots of stuff at once without spending all day being confused by shitty thread abstractions.
CAP theorems, Byzantine generals, dining philosophers.

Although there are things of profound theoretical interest here, I will of necessity be taking a primarily pragmatic, solutions-driven approach.

See also probabilistic computing.

  • Reactive manifesto: [1]

    We believe that a coherent approach to systems architecture is needed, and we
    believe that all necessary aspects are already recognized individually: we
    want systems that are Responsive, Resilient, Elastic and Message Driven. We
    call these Reactive Systems.

    Systems built as Reactive Systems are more flexible, loosely-coupled and
    scalable. This makes them easier to develop and amenable to change. They are
    significantly more tolerant of failure and when failure does occur they meet
    it with elegance rather than disaster. Reactive Systems are highly
    responsive, giving users effective interactive feedback.

[1] (Why manifesto? Because “design pattern” isn’t as cool as manifesto this year, and staying current is a buzzword Red Queen race)

Libraries and hacks

  • DIY python coroutine decorators:

  • rx.js

    The Reactive Extensions for JavaScript (RxJS) is a set of libraries for
    composing asynchronous and event-based programs using observable sequences
    and fluent query operators […]. Using RxJS, developers represent
    asynchronous data streams with Observables, query asynchronous data streams
    using LINQ operators, and parameterize the concurrency in the asynchronous
    data streams using Schedulers. […]

    Using RxJS, you can represent multiple asynchronous data streams (that come
    from diverse sources, e.g., stock quote, tweets, computer events, web service
    requests, etc.), and subscribe to the event stream using the Observer object.
    The Observable notifies the subscribed Observer instance whenever an event occurs.

    Because observable sequences are data streams, you can query them using
    standard LINQ query operators implemented by the Observable type. Thus you
    can filter, project, aggregate, compose and perform time-based operations on
    multiple events easily by using these static LINQ operators. In addition,
    there are a number of other reactive stream specific operators that allow
    powerful queries to be written. Cancellation, exceptions, and synchronization
    are also handled gracefully by using the methods on the Observable object.

See original: The Living Thing Concurrency hell

Synchronising files

OK, pure network drives just aren’t as awesome as working locally, and synchronising changes globally. Git has shown us that for code, and dropbox has shown us that for documents - and for that matter, distributed databases have shown us that for data.

So, back to the individual user and their day-to-day needs…

File storage/sync/sharing is tricky. I am addicted to Dropbox, but their
technical and legal shortcomings are laughably bad. More secure alternatives:

  • SpiderOak is the most popular
    encrypted service, although still based in the USA, which, like Russia and
    China, is more of an open file-sharing depot than a secure storage location
    where you would keep actual private stuff.
  • sparkleshare “creates a special folder on your computer. You can add
    remotely hosted folders (or "projects") to this folder. These projects will
    be automatically kept in sync with both the host and all of your peers when
    someone adds, removes or edits a file.”
  • syncthing:
    • Private. None of your data is ever stored anywhere else than on your
      computers. There is no central server that might be compromised, legally
      or illegally.
    • Encrypted. All communication is secured using TLS. The encryption used
      includes perfect forward secrecy to prevent any eavesdropper from ever
      gaining access to your data.
    • Authenticated. Every node is identified by a strong cryptographic
      certificate. Only nodes you have explicitly allowed can connect to your cluster.
  • “Ori is a distributed file system built for offline operation and empowers
    the user with control over synchronization operations and conflict
    resolution. We provide history through light weight snapshots and allow
    users to verify the history has not been tampered with. Through the use of
    replication instances can be resilient and recover damaged data from other nodes.”
  • Wuala is a Swiss spideroak
    competitor, which capitalises on stronger Swiss privacy laws.
  • git-annex I have not yet tried, but it supports very explicit and
    customisable folder-tree synchronisation, merging, and sneakernets and as
    such I am excited by it.

See original: The Living Thing Synchronising files

Random Matrices

Many dimensions plus linear algebra plus probability equals Random Matrix Theory.

Turns out to pop up in a lot of linear systems, and have some elegant results, therefore super trendy.

To read

See original: The Living Thing Random Matrices

Computational mechanics

See also:

To read

  • Decisional states

    “This article introduces both a new algorithm for reconstructing
    epsilon-machines from data, as well as the decisional states. These are
    defined as the internal states of a system that lead to the same decision,
    based on a user-provided utility or pay-off function.”

  • CRS’s CSSR

To understand

Are there actual applications of this to actual physics, or is this keyword
purely the mule offspring of physics and computer science best put out to pasture?

See original: The Living Thing Computational mechanics