
Reading List, February 2017

  1. Robert B. K. Dewar and Edmond Schonberg, Computer science education: Where are the software engineers of tomorrow, in CrossTalk, The Journal of Defense Software Engineering, Vol. 21, No. 1 (January 2008), pp. 28–30. [Online]:

    For pitfalls of Java as a programming language.

    Also, talks about how students today don’t know how to program, but rather put together pieces in order to get them to work. Can be linked to StackOverflow programming, or node.js programming.

    It [Texas A&M] did [teach Java as the first language]. Then I started teaching C++ to the electrical engineers and when the EE students started to out-program the CS students, the CS department switched to C++.

  2. Eric S. Raymond, Why python? [Online]:

    For these quotes:

    One course I did not consider was going back to C as a default language. The days when it made sense to do your own memory management in a new program are long over… For most other situations, accepting the debugging overhead of buffer overruns, pointer-aliasing problems, malloc/free memory leaks and all the other associated ills is just crazy on today’s machines. Far better to trade a few cycles and a few kilobytes of memory for the overhead of a scripting language’s memory manager and economize on far more valuable human time

  3. Eric S. Raymond, Things every hacker once knew. [Online]:

    A trip down nostalgia lane. There are some things here that I did not know, for instance, that ^L generates the ASCII code for FF and that is why it clears the screen; also the AT prefix in modems.

  4. Eric S. Raymond, The lost art of C structure packing. [Online]:

    Aligning structs to save memory? Sure, I knew about this in the back of my mind, but I never would have thought to use this optimisation.

    From when it was written at the beginning of 2014 until late 2016 this section ended with the last paragraph. During that period I’ve learned something rather reassuring from working with the source code for the reference implementation of NTP. It does packet analysis by reading packets off the wire directly into memory that the rest of the code sees as a struct, relying on the assumption of minimal self-aligned padding.

    The interesting news is that NTP has apparently been getting away with this for decades across a very wide span of hardware, operating systems, and compilers, including not just Unixes but under Windows variants as well. This suggests that platforms with padding rules other than self-alignment are either nonexistent or confined to such specialized niches that they’re never either NTP servers or clients.

  5. John Timmer, Making a different case for guns as a public health issue, in Ars Technica, 20 February 2017. [Online]:

    This presents an important argument for the study of guns in relation to public health, with a focus on the risk of suicide. Interesting to note that the number of gun-related suicides exceeds the number of all homicides put together. Other interesting information includes the correlation between gun laws and suicide rates across states.

  6. Aaron Perzanowski and Jason Schultz, The internet of hackable things you don’t own, in Motherboard, 21 February 2017. [Online]:

    Talks about the IoT revolution of devices that people do not own, and the implications. It covers most of the cases I already knew about, such as Keurig, Nest, John Deere, pacemakers, etc.

  7. Aaron Perzanowski and Jason Schultz, Why are license “agreements” so uniformly terrible? in BoingBoing, 1 November 2016. [Online]:

    Talks about licence agreements and how they are broken.

    Let’s start with their length. The current iTunes Terms and Conditions are over 19,000 words, translating into fifty-six pages of fine print, longer than Macbeth. Not to be outdone, PayPal’s terms weigh in at 36,000 words, besting Hamlet by a wide margin.

    Assume the average user can read the 3,500-word Flash license in ten minutes—a generous assumption given the dense legalese in which it is written. If everyone who installed Flash in a single day read the license, it would require collectively over 1,500 years of human attention.

    So when retailers and record labels tell you that the song you purchased is licensed, not sold, they mean two things—you don’t own the copyright in the song and you don’t own the file you downloaded.

  8. Eric Berger, NASA’s longshot bet on a revolutionary rocket may be about to pay off, in Ars Technica, 22 February 2017. [Online]:

    A plasma-based impulse engine that could reach Mars in less than forty days. This sounds really impressive, although there are some serious shortcomings in the reporting here. For starters, the reporter seems to suggest that the engine will not require any fuel because it runs on electricity. While this may technically be true, the engine actually uses up propellant which is not self-replenishing. Moreover, the propellant in question is a noble gas, which itself would be extremely hard to extract, compared to hydrogen which could be obtained by simple electrolysis of water.

    I’m including this article on the list because it comes close to my dream of a Star Trek future.

  9. David Epstein, When evidence says no, but doctors say yes, in ProPublica, 22 February 2017. [Online]:

    Talks about the broken medical system in the US (no surprises here), wherein doctors prescribe unnecessary treatment that in most cases has no ill effects other than increasing medical bills, but in some cases could actually increase risk to the patient through complications, or by making them incompatible with a life-saving procedure that may be necessary in the future.

    I guess the bottom line is this – do your own medical research before trusting your doctor if you are in the US. The political climate here tends to take control away from patients while providing the illusion of control.

  10. Jonathan Stray, Defense against the dark arts: Networked propaganda and counter-propaganda, 24 February 2017. [Online]:

    This is a rather well-written article on propaganda and how to counter it. A key insight here is that fact-checking rarely works in countering propaganda. Rather, the right way to counter propaganda is to come out first with a counter. Although not explicit, the article almost perfectly describes the present strategy of the White House.

    The key tactic of alternative or provocative figures is to leverage the size and platform of their “not-audience” (i.e. their haters in the mainstream) to attract attention and build an actual audience. Let’s say 9 out of 10 people who hear something Milo says will find it repulsive and juvenile. Because of that response rate, it’s going to be hard for someone like Milo to market himself through traditional channels. His potential audience is too spread out, and doesn’t have that much in common. He can’t advertise, he can’t find them one by one. It’s just not going to scale.

    But let’s say he can acquire massive amounts of negative publicity by pissing off people in the media? Well now all of a sudden someone is absorbing the cost of this inefficient form of marketing for him.

  11. Carl Bergstrom and Jevin West, Calling bullshit. [Online]:

    Apparently, this is a legit UW course (I checked the course roster in case this was some sort of trap) on providing students the necessary tools to detect bullshit. I haven’t read all the assigned readings, but the ones that I did read are most interesting. Do read the case studies as well. Trying to detect flaws in the logic there is a very interesting mental exercise.

    This should tie in well with the previous link on propaganda.

  12. John Graham-Cumming, Incident report on memory leak caused by Cloudflare parser bug, in Cloudflare blog, 23 February 2017. [Online]:

    This is really scary stuff. Cloudflare is used by many, many websites and ISPs for security reasons. Their HTML parser had a bug that would fail to detect buffer overflows, the oldest kind of bug in the world. As a result, an unknown amount of sensitive data got exposed to the world, which may have been cached by search engines and other web crawlers.

    This is bad for many reasons. However, on reading the blog, it appears that authentication tokens, HTTP data, cookies got exposed. As a result, most websites have revoked authentication tokens. There’s a discrepancy in accounts of what got leaked. For instance, some people claim that full HTTPS session data is available, which includes passwords and the like. On the other hand, Cloudflare claims that private SSL keys weren’t compromised. I would welcome a primer on SSL that explains how the two statements are consistent.

    The reporting on Cloudbleed has been so hazy, even amongst the “tech” websites, that I’m really embarrassed. As always, it indicates that much of computer security is fragile and could be easily broken with disastrous consequences. Even companies specialising in security are not immune.
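The struct overlay quoted under item 4, as an added example (not code from NTP or from Raymond's article): the static assertions turn the "no padding" assumption into a compile-time check before wire bytes are copied into the struct. The header layout, field names, `parse_hdr`, `padding_bytes` and the sample bytes are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define WIRE_HDR_LEN 12u

/* Constructed wire header: each field starts at a multiple of its own size,
 * so self-aligned padding adds nothing and the struct matches the wire. */
struct wire_hdr {
    uint8_t  flags, stratum, poll, precision;
    uint32_t root_delay;       /* stays in network byte order after the copy */
    uint32_t root_dispersion;
};

/* Same fields in a careless order: padding appears after each lone byte
 * (20 bytes instead of 12 on common ABIs with 4-byte aligned uint32_t). */
struct padded_hdr {
    uint8_t  flags;
    uint32_t root_delay;
    uint8_t  stratum;
    uint32_t root_dispersion;
    uint8_t  poll, precision;
};

/* Make the layout assumption a build failure instead of a silent misparse. */
_Static_assert(sizeof(struct wire_hdr) == WIRE_HDR_LEN, "padding in wire_hdr");
_Static_assert(offsetof(struct wire_hdr, root_delay) == 4, "root_delay moved");
_Static_assert(offsetof(struct wire_hdr, root_dispersion) == 8, "root_dispersion moved");

/* Padding bytes in a struct whose fields total `payload` bytes. */
size_t padding_bytes(size_t struct_size, size_t payload) { return struct_size - payload; }

/* Copy a datagram into the struct; short input is rejected. Returns 0 on success. */
int parse_hdr(const uint8_t *buf, size_t len, struct wire_hdr *out)
{
    if (buf == NULL || out == NULL || len < WIRE_HDR_LEN)
        return -1;
    memcpy(out, buf, WIRE_HDR_LEN);   /* memcpy: no unaligned or aliased access */
    return 0;
}

/* Constructed sample packet. */
static const uint8_t SAMPLE_PKT[12] = {0x24, 2, 6, 0xEC, 0, 0, 1, 0, 0, 0, 2, 0};

int main(void)
{
    struct wire_hdr h;
    if (parse_hdr(SAMPLE_PKT, sizeof SAMPLE_PKT, &h) != 0) return 1;
    printf("stratum=%u\n", (unsigned)h.stratum);
    return 0;
}
```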
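An added illustration of the bug class in item 12 (not Cloudflare's code): an end-of-input test written as an equality misses a cursor that steps over the end, so the parser's output picks up whatever lies in adjacent memory. The buffer contents and the `rewrite` and `leaked` functions are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: an 8-byte input that ends in a backslash, followed in
 * the same array by unrelated data standing in for another request's memory. */
static const char MEMORY[] = "name=ab\\" "cookie=constructed";
#define INPUT_LEN 8u
#define MEM_CAP   (sizeof(MEMORY) - 1)

/* Copy the input to `out`, treating '\' as a two-byte escape.
 * strict == 0: end test is `i == len`, which a cursor that jumped past len skips.
 * strict != 0: end test is `i >= len`.
 * `cap` only keeps this demo inside MEMORY. Returns the bytes written. */
size_t rewrite(const char *mem, size_t len, size_t cap, int strict, char *out)
{
    size_t i = 0, n = 0;
    while (i < cap) {
        if (strict ? (i >= len) : (i == len))
            break;
        out[n++] = mem[i];
        i += (mem[i] == '\\') ? 2 : 1;   /* a trailing escape jumps to len + 1 */
    }
    out[n] = '\0';
    return n;
}

/* Bytes emitted beyond the length of the input. */
size_t leaked(size_t written, size_t len) { return written > len ? written - len : 0; }

int main(void)
{
    char out[64];
    size_t n = rewrite(MEMORY, INPUT_LEN, MEM_CAP, 0, out);
    printf("==  check: %zu leaked, output \"%s\"\n", leaked(n, INPUT_LEN), out);
    n = rewrite(MEMORY, INPUT_LEN, MEM_CAP, 1, out);
    printf(">=  check: %zu leaked, output \"%s\"\n", leaked(n, INPUT_LEN), out);
    return 0;
}
```

With an input that does not end in an escape, both checks stop at the same place, which is how a flaw like this can sit unnoticed until an unusual input arrives.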
