Notes on an overheard conversation while eating dinner at the International House of Pancakes

Sunday, November 10, 2019

“So do you know anything about this elf thing?”

“No, I never encountered anything like that growing up.”

“Me neither.”

“Oh, so it's not just me then.”

“Let's see … oh! There's a Wikipedia article about it.”

“What does it say?”

“It's based upon a book written in 2005 …”

“So it's after both our times.”

“Yup. It says, ‘The book tells a Christmas-themed story, written in rhyme, that explains how Santa Claus knows who is naughty and nice. It describes elves visiting children from Thanksgiving to Christmas Eve, after which they return to the North Pole until the next holiday season.’”

“So the elves spy on kids.”

“Yeah, it indoctrinates them into the 24-hour surveilliance society.”

Friday, November 01, 2019

The 5,000 translations of “mama pi me mute”

I found a much better dictionary for Toki Pona than the one I was using. This dictionary even includes the parts of speech, which could prove useful if I decide to generate a grammatically correct novel of 50,000 Toki Pona words for National Novel Generation Month.

As I was wrangling the new dictionary into a machine-usable format, it struck me that I could just generate a series of translations of the Lord's Prayer (since I have a copy of it in Toki Pona) by using the different meanings of each word. For example, the first word in the prayer, mama, has the following meanings:

parent
ancestor
creator
originator
caretaker
sustainer

Since my initial translation was quite limited. I set about just translating the opening line, “mama pi mi mute o, sina lon sewi kon” using the new dictionary, and got the following:

mama: NOUN parent, ancestor; creator, originator; caretaker, sustainer
pi: PARTICLE of
mi: NOUN I, me, we, us
mute: ADJECTIVE many, a lot, more, much, several, very
NOUN quantity
o: PARTICLE hey! O! (vocative or imperative)
sina: NOUN you
lon: PREPOSITION located at, present at, real, true, existing
sewi: NOUN area above, highest part, something elevated
ADJECTIVE awe-inspiring, divine, sacred, supernatural
kon: NOUN air, breath; essence, spirit; hidden reality, unseen agent

A more “literary” literal translation would probably be “Creator of we many, O! You existing divine air.” Or as a form of poetic English, ”Creator of us, residing in the divine air.” Pretty cool stuff. And as it turns out, there're enough variations in just the opening line to create enough translations to fulfill the 50,000 word requirement. I could certainly stop here and claim success, but I may just end up playing around with this a bit more.

November is already upon us and that can mean only three things

Thanksgiving is in the air. It's time for National Novel Writing Month. And it's time for National Novem Generation Month. I was dreading this.

I thought I had no ideas for NaNoGenMo this year, but I checked my NaNoGenMo ideas folder and oh look! I do have some notes for 2019. Oh. It only has one line in it: “Translate a book into Toki Pona.”

Well. There it is. Translate a book into Toki Pona (which literally translated means “talk good”).

It should be simple, right? Toki Pona only has at most 120 words. How hard can that be?

Let's take a look at some Toki Pona:

mama pi mi mute o, sina lon sewi kon.
nimi sina li sewi.
ma sina o kama.
jan o pali e wile sina lon sewi kon en lon ma.
o pana e moku pi tenpo suno ni tawa mi mute.
o weka e pali ike mi. sama la mi weka e pali ike pi jan ante.
o lawa ala e mi tawa ike.
o lawa e mi tan ike.
tenpo ali la sina jo e ma e wawa e pona.
Amen.

That happens to be the Lord's Prayer, which appears twice in the Bible (Matthew 6:9-13 and Luke 11:2-4). Let's translate it back and see what I might be in for.

What follows will be:

original line in Toki Pona
literal translation into English
Matthew 6:9-13
Luke 11:2-4

So without further ado …

mama pi mi mute o, sina lon sewi kon.
parent of many [command], you at high air.
Our Father which art in heaven, (Ma 6:9)
Our Father which art in heaven, (Lk 11:2)

nimi sina li sewi.
name you [predicate] high.
Hallowed be thy name. (Ma 6:9)
Hallowed be thy name. (Lk 11:2)

ma sina o kama.
land you [command] come.
Thy kingdom come, (Ma 6:10)
Thy kingdom come, (Lk 11:2)

jan o pali e wile sina lon sewi kon en lon ma.
person [command] do [object] want you at high air [and] at land.
Thy will be done in earth, as it is in heaven. (Ma 6:10)
Thy will be done, as in heaven, so in earth. (Lk 11:2)

o pana e moku pi tenpo suno ni tawa mi mute.
[command] give [object] eat of time sun this to me many.
Give us this day our daily bread. (Ma 6:11)
Give us day by day our daily bread. (Lk 11:3)

o weka e pali ike mi.
[command] away [object] do bad me.
And forgive us our debts, (Ma 6:12)
And forgive us our sins; (Lk 11:4)

sama la mi weka e pali ike pi jan ante.
same [context] me away [object] do person different.
as we forgive our debtors. (Ma 6:12)
for we also forgive every one that is indebted to us. (Lk 11:4)

o lawa ala e mi tawa ike.
[command] head no [object] me to bad.
And lead us not into temptation, (Ma 6:13)
And lead us not into temptation, (Lk 11:4)

o lawa e mi tan ike.
[command] head [object] me from bad.
but deliver us from evil: (Ma 6:13)
but deliver us from evil. (Lk 11:4)

tenpo ali la sina jo e ma e wawa e pona.
time all [context] you have land [object] strong [object] good.
For thine is the kingdom, and the power, and the glory, for ever. (Ma 6:13)
(not in Luke 11)

Amen.
Amen.
Amen. (Ma 6:12)
(not in Luke 11)

Um … okay … perhaps I better come up with a better idea.

Thursday, October 31, 2019

Where, indeed

Bunny and I are out, having a late dinner this Hallowe'en when I notice a woman walking in dressed as Carmen Sandiego. I never did find her husband, Waldo. Go figure.

In theory, it should work the same on the testing server as well as the production server

I haven't mentioned the other server I wrote, GLV-1.12556. I wrote it a few months ago mainly as a means to test out the Lua TLS wrapper I wrote beacuse otherwise, the wrapper is just an intellectual exercise. It implements the Gemini protocol which lies somewhat between gopher and HTTP.

One issue keeps rearing its ugly head—files larger than some size just aren't transfered. It just causes an error that I haven't been able to figure out. The first time this happened several months ago, I hacked at the code and thought I got it working. Alas, it's happening again. I received word today of it failing to send files beyond a certain size, and yes, I can reproduce it.

But here's the kicker—I can reproduce it on my live server but I can't reproduce it locally. It only seems to happen across the Internet. So any testing now has to happen “live” (as it were) on the “production server” (grrrrrr). I fixed some possible issues, maybe, like this bit of code:

  ios._drain = function(self,data)
    local bytes = self.__ctx:write(data)
    
    if bytes == tls.ERROR then
    
      -- --------------------------------------------------------------------
      -- I was receiving "Resource temporarily unavailable" and trying again,
      -- but that strategy fails upon failure to read a certificate.  So now
      -- I'm back to returning an error.  Let's hope this works this time.
      -- --------------------------------------------------------------------
      
      return false,self.__ctx:error()
      
    elseif bytes == tls.WANT_INPUT or bytes == tls.WANT_OUTPUT then
      self.__resume = true
      coroutine.yield()
      return self:_drain(data)
      
    elseif bytes < #data then
      nfl.SOCKETS:update(conn,"w")
      self.__resume = true
      coroutine.yield()
      return self:_drain(data:sub(bytes+1,-1))
    end
    
    return true
  end

Upon looking over this code, I rethought the logic if dealing with tls.WANT_INPUT (the TLS layer needs the underlying socket descriptor to be readable) or tls.WANT_OUTPUT (the TLS layer needs the underlying socket descriptor to be writable) with the same bit of code, and rewrote it thusly:

  ios._drain = function(self,data)
    local bytes = self.__ctx:write(data)
    
    if bytes == tls.ERROR then
    
      -- --------------------------------------------------------------------
      -- I was receiving "Resource temporarily unavailable" and trying again,
      -- but that strategy fails upon failure to read a certificate.  So now
      -- I'm back to returning an error.  Let's hope this works this time.
      -- --------------------------------------------------------------------
      
      return false,self.__ctx:error()
      
    elseif bytes == tls.WANT_INPUT then
      self.__resume = true
      coroutine.yield()
      return self:_drain(data)
      
    elseif bytes == tls.WANT_OUTPUT then
      nfl.SOCKETS:update(conn,"rw")
      self.__resume = true
      coroutine.yield()
      return self:_drain(data)
      
    elseif bytes < #data then
      nfl.SOCKETS:update(conn,"rw")
      self.__resume = true
      coroutine.yield()
      return self:_drain(data:sub(bytes+1,-1))
    end
    
    return true
  end

Now, upon receiving a tls.WANT_OUTPUT it updates the events on the underlying socket descriptor from “read ready” (which is always true) to “read and write ready.” But even that didn't fix the issue.

I then spent the time trying to determine the threshhold, creating files of various sizes until I got two that differed by just one byte. Any file that has 11,466 bytes or less will get served up. Any file that is 11,467 bytes or more, the connection is closed with the error “Resource temporarily unavailable.” I have yet to figure out the cause of that. Weird.

Wednesday, October 30, 2019

So this is what it feels like on the other side

I subscribed to a mailing list today. I had to wait until the validation email passed through the greylist daemon on my system, but once that happened, I can start replying to the list.

Only the first post I made didn't go through. There was no error reported. There was no bounce message. Nothing. I checked to make sure I was using the address I signed up with (I did) and the filters on my email program were correct (they were).

I then checked the logs and behold:

Oct 30 19:07:41 brevard postfix/smtp: 023E22EA679B: 
	to=<XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX>, 
	relay=XXXXXXXXXXXXXXXXX[XXXXXXXXXXXXX], 
	delay=4, 
	status=deferred (host XXXXXXXXXXXXXXXXX[XXXXXXXXXXXXX] said: 
		450 4.2.0 <XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX>: 
		Recipient address rejected: Greylisted, 
		see http://postgrey.schweikert.ch/help/XXXXXXXXXXXXXXXXXXXXX 
		(in reply to RCPT TO command))

Ha! I'm being greylisted right back! This is the first time I've noticed my outgoing email being greylisted. I find this amusing.

Tuesday, October 29, 2019

We are all publishers now

[This gopher site] has had, from very early days, a policy which allows [users] to request that their account be removed and all their content immediately and permanently deleted. This is called "claiming your civil right", … The Orientation Guide explains:

This promise is not a gimmick … It is a recognition that the ability to delete your accounts from online services is an important part of self-ownership of your digital identity. This is genuinely an important freedom and one which many modern online services do not offer, or deliberately make very difficult to access.

I have always been, and still am, proud that [this gopher server] offers this right so explicitly and unconditionally, and I have no plans to change it. I really think this an important thing.

And yet, it always breaks my heart a little when somebody actually claims their right, and it's especially tough when a large amount of high-quality gopherspace content disappears with them. As several people phlogged about noticing, kvothe recently chose to leave gopherspace, taking with him his wonderful, long-running and Bongusta-aggregated phlog "The Dialtone" … I loved having kvothe as part of our community, but of course fully respect his right to move on.

As I deleted his home directory, I thought to myself "Man, I wish there was an archive.org equivalent for Gopherspace, so that this great phlog wasn't lost forever". A minute later I thought "Wait… that is totally inconsistent with the entire civil right philosophy!". Ever since, I've been trying to reconcile these conflicting feelings and figure out what I actually believe.

The individual archivist, and ghosts of Gophers past

Some of the commentary on solderpunk's piece has shown, of course, divided opinion. There are those who claim that all statements made in public are, res ipsa loquitor, statements which become the property of the public. This claim is as nonsensical as it is legally ridiculous.

By making a statement in a public place, I do not pass ownership of the content I have "performed" to anyone else, I retain that ownership, it is mine, noone elses. I may have chosen to permit a certain group of people to read it, or hear it; I may have restricted that audience in a number of ways, be it my followers on social media, or the small but highly-regarded phlog audience; I may have structured my comments to that audience, such as using jargon on a mailing list which, when quoted out of context, can appear to mean something quite different; I may just have posted a stupid or ill-judged photo to my friends.

In each of those cases, it is specious to claim that I have given ownership of my posts to the public, forever, without hope of retrieval. It is not the case that I have surrendered my right to privacy, forever, to all 7.7bn inhabitants of this earth.

…
In much the same way, I reacted strongly when I realised that posts I had made on my phlog were appearing on google thanks to that site's indexing of gopher portals. I did not ever consent to content I made available over port 70 becoming the property of rapacious capitalists.

Ephemera, or the Consciousness of Forgetting

Back during college I wrote a humor column for the university newspaper. In one of my early columns (and not one I have on my site here) I wrote a column with disparaging remarks about a few English teachers from high school. Even worse, I named names!

I never expected said English teachers to ever hear about the column, but of course they did. My old high school was only 10 miles away (as the crow flies) and there were plenty of students at FAU who had attended the same high school I did. Of course I should have expected that. But alas, I was a stupid 18 year old who didn't know better.

Now I know better.

It was a painful experience to learn, but things spoken (or written) can move in mysterious ways and reach an audience that it was not intended for.

The copies of the humor column I have on my site are only a portion of the columns I wrote, the ones I consider “decent or better.” The rest range from “meh” to “God I wish I could burn them into non-existance.” But alas, they exist, and I've even given a link to the paper archives where they can be unceremoniously resurrected and thrown back into my face. Any attempt to “burn them into non-existance” on my part would be at best a misdemearnor and worst a felony.

In this same vein, Austin McConnell erased his book from the Internet. He managed to take the book out of print and buy up all existing copies from Amazon. There are still copies of his book out there in the hands of customers, and there's nothing he can do about that. The point being, once something is “out there” it's out, and the creator has limited control over what happens.

I'm not trying to victim shame Daniel Goldsmith. What I am trying to say is that Daniel may have an optimistic view of consumption of content.

As to his assertion that his content via gopher is now “the property of rapacious capitalists”—plainly false. Both Ireland (where Daniel resides) and the United States (where Google primarily resides) are both signatories to the “Berne Convention for the Protection of Literary and Artistic Works” which protects the rights of authors and Daniel owns the copyright to his works, not Google. Daniel may have not wanted Google to index his gopher site but Google did nothing wrong in accessing the site, and Google has certainly never claimed ownership of such data (and if it did, then Daniel should be part of a very long line of litigants). Are there things he can do? Yes, he could have a /robots.txt file that Google honors (The Internet Archive also honors it, but at best it's advisory and not at all mandatory—other crawlers might not honor it) or he can block IP addresses. But sadly, it was inevitable once a web-to-gopher proxy was available.

The issue at heart is that everyone is a publisher these days, but not everyone realizes that fact. Many also believe social media sites like MyFaceMeLinkedSpaceBookWeIn will keep “private” things private. The social media sites may even believe their own hype, but accidents and hacks still happen. You can block a someone, but that someone has friends who are also your friends. Things spoken or written can move in mysterious ways.

I feel I was fortunate to have experienced the Internet in the early 90s, before it commercialized. Back then, every computer was a peer on the Internet—all IP addresses were public, and anything you put out on the Internet was, for all intended purposes, public! There's nothing quite like finding yourself logged into your own computer from Russia (thanks to a 10Base2 network on the same floor as a non-computer science department with a Unix machine sans a root password). Because of that, I treat everything I put on the Internet as public (but note that I am not giving up my rights to what I say). If I don't want it known, I don't put it on the Internet.

Daniel goes on to state:

The content creator, after all, is the only person who has the right to make that decision, they are the only one who knows the audience they are willing to share something with, and the only ones who are the arbiter of that.

Ephemera, or the Consciousness of Forgetting

To me, that sounds like what Daniel really wants is DRM, which is a controversial issue on the Internet. Bits have no color, but that still doesn't keep people from trying to colorize the bits, and others mentioning that bits have no color and doing what they will with the bits in question. It's not an easy problem, nor is it just a technical problem.

You put content on the Internet. You are now a publisher with a world wide audience.

I thought computers exist to appease us, not for us to appease the computers

I got an email from the Corporation's Corporate Overlords' IT department about making sure my Windows laptop was on and logged into the Corporate Overlords' VPN so that mumble techspeak mumble technobable blah blah whatever. Even if it's a phishing email that our Corporate Overlords so love to send us, it didn't have any links to click or ask for my credentials. I also need to turn on the computer at least once every three weeks to prevent the Corporate Overlords from thinking its been stolen, so I figured it wouldn't hurt to turn it on, log in and reply to the email.

I turn it on, but I find I'm unable to get connected to the Corporation's wifi network which I need to do if I'm to log onto the Corporate Overlords' VPN. After many minutes of futzing around, I end up telling Windows to forget the Corporation's wifi network, re-select it from a list and re-enter my credentials (which have changed since the last time I logged in due to the outdated password practices still in use at The Corporation). Then I could log into the Corporate Overlords' VPN and reply to the email saying “go ahead mumble technospeak mumble technobabble blah blabh whatever.”

Of course, the Corporation “change your password” period (which was triggered last week) is different from that of the Corporation's Corporate Overlords' “change your password” period (which was triggered today) so there was that nonsense to deal with.

Over the course of the next few hours, I had to restart the Windows laptop no less than five times to appease the Microsoft Gods, and twice more I had to tell the computer to forget the Corporation's wifi netowrk before it got the hint and remember my credentials.

Seriously, people actually use Windows? I'm lucky in that I had the Mac book to keep working.

Friday, October 18, 2019

A minor issue with DoH

So far, the DoH server I wrote works fine (looking over the logs, it's amazing just how many queries mainstream sites make—CNN's main page made requests to over 260 other sites and that's after I restricted the number of redirects allowed) except for Github. The browser would claim it couldn't find Github, (although the logs said otherwise), or the the page formatting was broken because the browser couldn't locate various other servers (which again the logs said otherwise).

So I dived in to figure out the issue. It turns out the DNS replies were just a tad bit larger than expected. The Lua wrapper I wrote for my DNS library used the RFC mandated limit for the message size, which these days, is proving to be a bit small (that particular RFC was written in 1987). The fix was trival (increase the packet size) after the hour of investigation.

Thursday, October 17, 2019

You know, we might as well just run every network service over HTTPS/2 and build another six layers on top of that to appease the OSI 7-layer burrito guys

I've seen the writing on the wall, and while for now you can configure Firefox not to use DoH, I'm not confident enough to think it will remain that way. To that end, I've finally set up my own DoH server for use at Chez Boca. It only involved setting up my own CA to generate the appropriate certificates, install my CA certificate into Firefox, configure Apache to run over HTTP/2 (THANK YOU SO VERY XXXXXXX MUCH GOOGLE FOR SHOVING THIS HTTP/2 XXXXXXXX DOWN OUR THROATS!—no, I'm not bitter) and write a 150 line script that just queries my own local DNS, because, you know, it's more XXXXXXX secure or some XXXXXXXX reason like that.

Sigh.

And then I had to reconfigure Firefox using the “advanced configuration page” to tweak the following:

Firefox configuration for DoH
variable	value
variable	value
`network.trr.allow-rfc1918`	`true`
`network.trr.blacklist-duration`	0
`network.trr.bootstrapAddress`	192.168.1.10
`network.trr.confirmationNS`	skip
`network.trr.custom_uri`	`https://playground.local/cgi-bin/dns.cgi`
`network.trr.excluded-domains`
`network.trr.max-fails`	15
`network.trr.mode`	3
`network.trr.request-timeout`	3000
`network.trr.resolvers`	192.168.1.10
`network.trr.uri`	`https://playground.local/cgi-bin/dns.cgi`

I set network.trr.mode to “3” instead of “2” because it's coming. I know it's just coming so I might as well get ahead of the curve.

The Boston Diaries

Sunday, November 10, 2019