Discuss the argument that hackers do public service by finding and publicising computer security weaknesses

Created on Tue, 10 Feb 2015

context: We have to write an essay for a course at University. But first, we have to submit a draft, then be assigned to read drafts of other people and mark them.

BTW, Happy birthday, Dad!

Number 1. Oh my Random, not another essay!

Of course they do. Is there really an argument for the other side?

Let's first define hacker – a highly controversial term for the regular dumb man/woman/unidentified (henceforth referred to as a “cuggle” – a computer muggle. Muggle, in the Harry Potter universe, is someone who lacks any magical abilities and was not born in the magical world, often denying the existence of magic itself [1]). Now, cuggles believe that hacker is a bad word. They see it as someone who does bad things with the aid of computers, like stealing money, blackmailing or launching rockets by getting hold of NASA computers. While this is not unseen in real life [2] (IRL [3]), it is rarely the case when the term is used by cizards (computer wizards) [4]. What cuggles are confusing the word with is usually a cracker [5].

The problem is not just semantics. While in the cizarding world hacker is often used as a compliment to someone's abilities and highly applicable computer knowledge, mainstream media (and apparently University of Glasgow professors [6]) confuse the terms as of early 2015. This leads to much time wasted by graduating students trying to fake arguments from both sides of a useless argument, copying references off the References sections of wikipedia.org and spending the most precious hours of their twenties in academic Sisyphean labor [7] (the mythological Greek dude who apparently wrote essays and pushed them off a cliff only to find there are more on the desk behind him).

So the question becomes – are highly intelligent people, who are curious to see if they can break the thing that their fellow cizards built and who, when they do, expose the information of how they did it to the public (rather than launching the U.S.A. Ministry of Defence's missiles) in order to protect crackers from assuring mutual destruction, at fault for doing that? Well, apparently there are at least two sections of the argument, so let's dive in.

Number 2. First section of the argument

In the introduction I used my own words [8] to state the proposition. I tried to use Michael Jackson's words, but there were two problems I faced: 1. he is dead [9] and 2. he has copyrighted his words. Now I am going to argue against it because we all like to play crazy every once in a while.

As software becomes more and more complex and as every programmer depends on millions of lines of software written by other people, sometimes even provided by competing companies (e.g. Google's Chrome originally used Apple's WebKit as a webpage rendering engine), cizards are aware that no matter how much you test a product, you will end up with bugs crawling in some dark places of your code. As Dijkstra put it, “Program testing can be used to show the presence of bugs, but never to show their absence!” [10] That's why Google [11] and many other companies with significant online presence [citation needed] have issued a step-by-step guide on how to report vulnerabilities in their systems. Usually the process is to disclose the found problem(s) to the company responsible for issuing and maintaining the software and to give it time to fix them. Often, there are rewards for people who discover vulnerabilities in the public space and follow the said protocol [12] rather than publicizing them directly.

In some cases, however, this is not possible. Last year's example, the so-called Heartbleed vulnerability, was found in the open source project OpenSSL [13]. Open source projects are projects whose source code everybody can read and contribute to, and they are often used even by big companies, as the projects have licenses permitting that. While the intention is sharing the love and the knowledge that humanity as a species has acquired, and even though millions of eyes have looked at the code, sometimes serious vulnerabilities can creep in. Discovering this particular problem and disclosing it in the public space gives crackers (sort of the Death Eaters, remember) the chance to do malicious things for their personal gain until all the companies using the software have patched the bad code.

Was the person discovering the bug a hacker in the cuggles' eyes? Certainly not (that is, if cuggles even understood what happened among the ocean of information about Miley Cyrus shaving her head) – he was a good guy who discovered that other good guys made a mistake. But in cizards' eyes he definitely was one – a smart guy who saw what others hadn't seen. He hacked the system. He was smart enough to see it and instead of destroying the world, he decided to protect the world by publicizing the information. However, by doing so, he allowed crackers to possibly steal money from the bank accounts of everyday people.

Vulnerabilities are found every day and logs of vulnerabilities in unpatched software exist in the not-so-deep web. With enough determination, everybody could become a cracker. Exploits are created by cizards, crackers and hackers, and everybody who can google and wants to do something malicious to people with unpatched software could use these scripts without even understanding exactly what they are doing. These people are also known as script kiddies [14]. It's like a wizard giving a magic potion to a muggle to make someone fall in love with them – the muggle doesn't need to know how the potion was made, he only wants the result. Is this ethical? It is a matter of opinion of course, but this is my essay and my opinion is that if the company maintaining the software has been given enough time to create a patch and push it to users in a seamless way so that cuggles don't even know that anything was fixed, then yes, it is ethical. As in history, it is good to put out information that shows how stupid we were once and how smart we are now. Or is that not the point of history?

Number 3. Second section of the argument

In the previous section I tried really hard to explain why it might be bad for the world to know things. “Ignorance is bliss” as some smart dude once said. If it was not convincing enough, I propose that you start following a religion if you don't already. It will lock you in a box, explain to you many of the things you find uncomfortable in life and it will provide you with the security of knowing what happens after you die, how the world began and will give you the power to tell other people who are not following your religion that they are going to a bad place after they die. Which for most of us is either fire or worms' gut [15].

For the rest of us who like knowing things and trying to make the world a better place by using the scientific method, discovering problems in software that half of the people on the planet [16] use daily is a thing we need. While giving the information straight to the media is at least a stupid, if not downright idiotic, way of boosting your ego, disclosing information first to the responsible companies is a smart thing to do. Now if the company stubbornly doesn't want to fix the software that millions of people use, because “it will not meet financial numbers”, thus giving crackers the opportunity to pwn someone's machine, well then, what else could a good hacker do than ruin the reputation of a stupid company by showing how stupid it is? It deserves it, doesn't it? A company is supposed to serve the best interest of people. If it tries to appear to do that but it doesn't, then by all means it deserves to be humiliated publicly.

I don't really know what else I can say here. If you don't like it, choose a religion. Or a Linux distro and shovel it down everybody's throats. I'm tired of pushing rocks.

Number 4. Conclusion

Everybody can have opinions about things. What I said is what I truly believe in and I don't really see how I could've written it differently if we lived in a free world. Now I am the kind of person that holds to his beliefs until proven wrong. And then I change them. Opinions are not you, opinions are things that you put in a basket and carry with you. Discussing them in an essay is something that I like doing but I don't like being forced to express them in a particular academic way, I don't like being put in a box of unclear rules of what makes a good essay. This is not exact science – some people like it, some people don't. If there is a measurement, it would be numbers. Criteria like “Very well structured; very interesting” are highly subjective. On these subjective criteria, an absolute number will be given which would represent itself IRL as an absolute mark number. How that makes sense, I couldn't understand in 16 years in the education system. Of course, you, dear draft reader, are probably reading something that would not make it to the final submission. Nevertheless, I hope you enjoyed it!

Now, you have to write a critique that wouldn't even matter in the future as marks. Follow Nike's slogan: Just do it! Shamelessly! Critique my references, style, grammar, inappropriate use of words and abbr. Explain how I can't discriminate against people based on religious beliefs, or that my evidence is not strong enough. Praise me for something random so that we follow the balance principle of our democratic society and move on. Don't spend more than 5 minutes, just type something, and go to a party. I am deeply sorry that you had to read this piece of shit, but it was not my call. I would not make you do it, but I tried to make it just a bit more interesting to you than it would have to be in the final one. Which will be another boring discussion of a random topic so that I can finally prove that I can use words, I have developed my critical thinking, be able to solve problems under time pressure, deal with stress and anxiety, work in a team and decide which animal would describe me the best.

Have a nice day!

What are ads (potentially) good for?

Created on Wed, 26 Nov 2014

When I was small, I always hated the ads on TV that would interrupt my favorite movie or show. And they would do this 5 times in an hour, sometimes for so long that I would forget what I was watching. I didn't see the point of them at all. Well, unless I wanted to go pee - and I actually thought for quite a while that this was the reason for ads.

Then someone told me that this is how the channels are supporting themselves and that without the ads, TV would not exist. I thought this is stupid.

But as I grew up, I accepted the fact. I still hated them though and me and my family would have the desperate "Argh!" whenever we heard the famous jingle of the ad block beginning. And they would of course do it in the most interesting part of the movie. This is supposed to be entertaining?!

Are all ads evil though? Isn't there some value in them? I would like to spend some time to rethink the advertisement model in the world.

To start off, I believe the model is currently very corrupt and generally accepted as evil. To help us understand what the underlying causes of ads are, let's go way back in human history, before mass media.

The beginning

People wanted things because they needed them to survive or to improve their well-being. For example, they exchanged their chicken eggs for cow's milk with people who they trusted. A person, call him Jeremy from Brothertown, may become really popular because his cow's milk is the best, and people would learn that by word of mouth.

Jeremy wants to let more people know what special care he takes of his cows so that they produce the great milk they do. Word of mouth still plays a big role, but people who have a great reputation might want to expand even further, to let even more people know about their great cows' milk. Jeremy means well - he wants people to benefit from the great things he does. How does one do that? He gives some extra delicious milk for free to some other people to promote it, to spread the news. "Jeremy from Brothertown has the best cows' milk!".

This is good - Jeremy gets more clients, more people are happy because they found a better product.

Modern days

As society moved to monetary system and information about products exploded, people found it harder and harder to make a choice of who to exchange goods with, who to trust.

This is not to say Jeremy could not turn evil in the old days. He could of course give people free milk to spread the news, even if he doesn't have good reputation. But with a tribe or village of 100 or even 1000 people, this would quickly turn itself around and nobody would trust Jeremy anymore. With the globalization and explosion of information, today it's easier to make false claims than when groups of people lived in a smaller social circles.

Flash-forward to today. While businesses still benefit from spreading the news about their products, some of them might not be so benevolent. Take Alice's small flower shop. She advertises in the local newspaper, putting in people's mind every time they need flowers, they would go there. Alice finds clients, people find flowers quickly. All looks good.

But what if Alice decides to double the prices so she could pay for her advertisements? People would still go there because of imperfect information, but they would pay more than they should. They might not know that, as Alice understands her market much better than any individual who is not in the flower business. In a sense, we could rationalize that people pay the extra bit for the saved time of research. But we can already feel that something is not right.

Say Alice not only increases her price per flower, but in order to get greater profit, she also lowers the quality of flowers. She doesn't take that much care of them, doesn't work as hard, gets inferior cheaper soils and chemicals and as a result the flowers go bad quicker. Customers will eventually be unhappy, but because of imperfect information and brainwashing, people would still go there believing they are the ones who don't take good care. I mean, look at all the advertisement - a lot of people might be buying them, something is wrong with me. Alice makes a lot of profit.

Take another scenario. Politicians spend millions of taxpayers' money just a month before the elections to boost their visibility and penetrate people's minds. Wouldn't it be great if, instead of that, they were just doing their best over the 4-year term and when elections come, people vote based on the summary of what the politician has been doing in his time in office? If someone is doing well, all the time, why would he spend millions just before elections to brainwash citizens? Especially in developing countries where the mass media is flawed by corruption, this gives an unfair advantage to people with tons of money rather than people who actually have great ideas.

So what?

Ads have devolved. We are constantly bombarded with fake advertisement, false claims, propaganda, brainwashing. Advertisers believe their users to be monkeys, they go for cheap tricks like showing a sexy (half-) naked woman (sexism, anyone?) which has nothing to do initially with beer, showing happy, smiling people looking down at you, the miserable middle-man; going for people's basic instincts like fear, guilt, shame. And this is everywhere - billboards, newspapers, magazines, TV... Internet. Ads on the Internet are by far I think the worst of them all - agencies go for making everything possible to force users click on something ridiculous that they never wanted or cared about, interrupting their videos or reading articles for "message from our sponsors". Not even mentioning the creepy following and intrusion of personal life.

But is it possible to support business without advertisement? Is the Internet and society going to survive without ads at all? I mean, Google is in the advertising business, and they are "not evil" right?

Some ads potentially could be good. Ads that just boost the visibility of the product, letting people know that this thing exists, that this product or service may improve one's life - are good. But who needs ads about Coca-Cola 5 times a day? Who doesn't know about it? And even if somebody doesn't, why do we have to constantly be reminded about it in an obtrusive way, interrupting our daily lives.

I mean, never, in my life have I woken up in the morning thinking "Oh my God, today I am going to see a bunch of ads that would interrupt the things I actually want to do!". I would like to get the useful information about the products without having to see posters and TV spots and having AdBlock run everywhere and people arguing that the Internet will not survive without the ads.

The Solution?

First off, I believe there are many other models of how individuals and companies can make money. As a beginner, if you do something good, people will come even if you don't want them to.

But the Internet has so much free stuff, it can't possibly be the case that it could work if it wasn't for ads - Wikipedia has proved that good things happen without ads. I believe humanity as a whole is not that evil. If you do something good, people will support you to continue doing it. People are not afraid of paying for things that they find useful. And the fact of our modern society is - if you don't do something that people want for the price they want to pay - someone else will. They will do it cheaper or for free, they would get people to like them and trust them, and you, my greedy friend, will go out of business. Eventually, if people like your product or service, they would help you stay in shape because they care about you. You essentially become their friend - and, I believe, people like helping their friends, they won't let their friends die. Of course, people are selfish, people do want to be better off, but people also like to keep some people closer than others, someone to call a friend. "A guy needs somebody-to be near him. A guy goes nuts if he ain't got nobody. Don't make no difference who the guy is, long's he's with you. I tell ya, I tell ya a guy gets too lonely an' he gets sick" (from "Of Mice and Men").

Think of your best friend or best friends. Wouldn't you do anything for them? There is a famous anecdote which I turned into a saying of myself.

A guy calls his best friend at 3 a.m. telling him that he just killed a man. The friend answers without hesitation - "Where should I bring the shovels"?

I call these friends shovel-friends. I don't ask them questions, I support them unquestionably and I trust them this much that if I was in this situation as in the anecdote, I would do the same and figure out the consequences later.

On a more realistic basis, friends help friends - if you want to build something cool, friends will come and support you. They will give you the resources and help. With modern technology and globalization this has never been easier. Crowdfunding is one way. If you already have people who liked what you have built so far, tell them (even as a company entity) "Hey, you know, I have this great new crazy idea that just might work. But I need your help - could you spare a dollar this month to help me try things out?". If you have hundreds of thousands of people who you make happy every single day because of the things you do, if they trust you, if they spend good time you do, if you make them laugh or be curious about the world; if you spend more time on people's good qualities - curiosity, altruism, trust - they would respond with the same.

Go for their bad qualities like fear and making them feel stupid - and they will hate you. And even if you win in the short term by forcing them to look, listen and interact with things they don't want to, in the long run - are you increasing the love in the Universe? Are these people going to help you tomorrow when you need a shovel-buddy?

Think about it...

Challenge accepted!

Created on Mon, 13 Oct 2014

Inspired by the Barney Stinson character from “How I met your mother” TV series, I decided to run a marathon today. This story came about during this weekend and, similarly to the show, I was bet against being able to run (thanks to the person for the bet). And as I said previously, I love the short plans thing, so I just followed the advice:

Step 1. - Start running.... there is no step 2.

And it worked! 42.195 km in 5 hours 5 minutes.

Now, on another topic, I slightly derailed from my “deactivate my facebook for two weeks” experiment because of the hackathon that we were organizing this weekend. But I am not going to allow the broken window theory to completely destroy it. So, I am off the virtual social world until 25 October. This will be a topic for a future post.

So what?

Created on Sun, 05 Oct 2014

I left Glasgow 3 months ago, and one of the last things I did was vote in the European elections. Now, one of the first things I am doing is déjà vu – I am again at the already familiar polling station, voting for the Bulgarian parliament.

I won't hide that the results are extremely disappointing for me. And not so much because of the parties that get in with 5-6%. That much is clear to me – heavy vote buying, people motivated to vote for patriotic and pro-Russian parties, nostalgia for the past, voting along ethnic lines, disappointment with the ones above and dilution of the votes, an attempt at something different. Fine.

What is not so clear to me is the total laziness and brazen indifference. After a year of protests, we have 42% voter turnout. 58% of people once again, for the umpteenth time, could not spare half an hour from their busy daily lives to express their opinion. But they have expressed it and will keep expressing it every evening over a drink, to the wind and the woods. Nearly four million people complaining but doing nothing. Or four million happy people, content with the situation of the limbo bank, suspended European funds and the lowest incomes. My friends and I here, out in the back of beyond, at perhaps one of the farthest points on the European continent, managed to find the time, motivation and desire. Why? Let me tell you why.

When I am abroad, “in the West”, everything is taken care of for me. The way the West works, especially if you are an immigrant, is as follows: you lie on the couch all day and everything is taken care of. Yes! Every day a Sir John rings your doorbell and asks you, “How much would you like today? 100 thousand? 200 thousand? Pounds, euros or dollars? Here you are, sir, have a nice day”. And as a student it is even easier – nobody works part-time or full-time alongside their studies. No, Sir John just comes, gives you the money and disappears. You don't even study – they have this system where they put a chip in your brain and you know everything. Yes, that's how it is, they are advanced in the West, not like in Bulgaria! Everything here is wonderful, a utopia; all day long you just enjoy life and wonder whether tomorrow you couldn't simply sleep for 24 hours, 'cause you can afford it...

But wait, why do I care at all? Hadn't I said that I wouldn't consider going back to Bulgaria?! Why do I even bother to travel all that way, wait in queues, fill in declarations, waste my time with ballots, sign my name...

Because, for better or for worse, this is the system that exists at the moment. I have the right, once every 2-3-4 years, to express my opinion with exactly one stroke of the pen. That almost exhausts the ways in which I can control what happens in my country. And even though it is not the country I live in or intend to live in at some future point, I feel that something makes me care. I don't know whether it is patriotism, love for friends and relatives or duty, attachment to my birthplace, nostalgia, a ray of hope or whatever else. I just know that I have to do it and fool myself that this is enough.

I know that it is not enough. I can do more. I can return to the country, find partners, like-minded people, intelligent, ambitious people, experts, and become party No. 85. And? 42%. After all the noise, all the protests, these elections should have had the highest voter turnout. Fine, I will fight for electronic and/or compulsory voting. And 58% of people will play the lottery, since they don't care at all to take an interest and go vote, and if they are made to, they will hardly think any harder, so they will just pick one at random.

A people who don't care but only complain, tell me, what can I do as an individual?

Today I wished the people at the polling station that “we won't have to see each other again soon”. Alas, after the results, I may have to make the trip again soon. And I will do it again. As many times as it takes.

But I have no solution for the people's indifference.

A conversation with a wolf

Created on Tue, 20 May 2014

Hello Mr Storer,

Thank you for the feedback. Allow me to address your comments.

We randomly allocate students to teams because it better reflects reality (believe it or not, you don't get to work with geniuses all the time, partly because they may not want to work with you :-) ).

Then these "real" companies should have a hard time to think how they employ people and match teams. If they match teams randomly and there happens to be such a big difference of capabilities as it was this year in Uni, then this company is unproductive in the long term and I definitely would not like to work for it. (Maybe I should point out that the difference is more geared towards laziness, rather than actual capability - if I see a person gives his best and as much time as possible to the project, I will never judge him on how much they know or can as long as they are striving to compete and do their best). Given the hunger for good CS guys right now, I have too many options (from one-man-job to hundreds of startups, to the big IT guys, to almost every single industry in the world) to stick with a company that has no idea how to make a good environment so that their people work to their potential. People who slow me down and are lazy will never be tolerated around me and that's why I made (maybe not so much) noise about it. And the reverse is of course true as well - if people are more experienced than me and I am slowing them down, I will feel not capable and I would like to be reallocated until I learn or will work day and night until I catch up (done that!).

An interesting observation that PSD is geared towards assuming everyone will work for a company. From what we know, this happens to be the case, but it doesn't mean it should be.

Everyone? You are telling me in the past 5-10 years at University NO ONE was able to create his own business? No one self-employed doing mobile apps, websites, video animations, indie games, non-profit organizations etc? Because if this is the case (and I really hope it's just a generalization) there is something seriously wrong with the whole CS teaching and I will certainly not waste another year of my life and quit straight away!

Having said that, I guess the question is then what are the implications for software practice. If you run your own business, it is rather likely that sooner or later you will have to start working with people (sorry for you I'm afraid).

And where exactly did the course teach me about this most valuable thing - how to work with people? There was advice on different charts, tens of frameworks but nothing on how to deal with people - why are some people lazy, what are the implications, how to deal with different characters... are there any mechanisms to complain when nothing is working, when I am doing everything and no support from my team. I raised this to everyone I knew (team manager, Mr Singer etc), but there was absolutely no result.

And I am not the only one! And I have worked with people in the past - in high school me and a friend were able to create science documentary movies and go to International expos, present them in many schools in Bulgaria, even make some profit!! (which we were actually never going after, it was a by-product) So I have worked with people and it has been very pleasant - these were one of the best years in my life so far! Creating the GUTS hackathon this year was another example and the way it turned out - it was magical and I would've never been able to pull this alone. The people were amazing, everyone was giving 140% of his/her powers, writing emails, talking with companies for sponsorship, setting up the website, dealing with problems etc. But in both cases - everyone was doing his/her job! This is what pleases me and what I believe should be like in a University that pretends to be in the top 5 in UK for Computing Science.

A very entertaining blog. A lovely blend of moral certainty, an overwhelming sense of self-superiority and confirmation bias. Good stuff!

Thank you (I guess).

For me, this course had very subjective and unclear rules, especially the blog. I cannot see a company which would make me write a blog or a diary to reflect on what I have learnt. I don't see any application in the "real" world for CS people to be able to write - there are humanitarian disciplines like business and management, psychology and literature for people interested in these areas. I want to be allowed to do what I do best rather than waste my time writing things that are outside of my control. I can clearly see the feedback I received for programming in C for example - things work or things don't work, the queries in the database return the right results or they don't. I can't see what this blog can help me with even with the feedback received. There are some random grades without further explanation of them. Tell me "this line is wrong" or "this is wrong reference" or "improper use of the word 'whom'". From what I can make of it, I am an average writer. Well, that's beyond my expectations as I thought I am not even in the average area - not being a native speaker and having read 10 novels in my life (7 of which are Harry Potter). Let me do what I do best and mark me on that - don't force me to do things that I have no idea or desire to do, because the feedback that I would get wouldn't help me to live my life better.

Bests, Daniel Tsvetkov