Category: General

The Case for College

As a self-educated professional working with the best in the field, I think I’m supposed to tell you that you don’t need college to be successful. My journey has been an unconventional one for sure. Growing up in a dysfunctional home with a schizoaffective and abusive father, surviving high school alone was barely manageable. The notion of college was unconscionable to a depressed teenager from a poor home with no parental guidance or support. Computers have been a part of my life since I was eight, where typing programs from the back of magazines into a Radio Shack TRS-80 took me places far away from my terrifying childhood. The highest level of education I’ve accomplished to date is a GED, after failing out of high school. I’ve learned a lot over the course of an ongoing 30-year career, and slowly worked my way up from building PCs and doing sysadmin work into software engineering, forensics, and security. With that has come the opportunity to make a lot of impact along the way that’s touched people’s lives. This is a life I couldn’t have possibly imagined for myself. A great career with one of the best companies in the world, a good living, and the opportunities to make long lasting impact. So why would you need college to do the same, especially when billionaires like Peter Thiel are willing to pay you six figures to drop out?

Thiel’s plan for you is a short-sighted one, and doesn’t take into account the difficulty you’re likely to face as a result of taking his offer. What’s missing from Thiel’s story – and all of his romanticized notions – is all the hard. Not just the financial hard that it takes, but the hard of navigating an unforgiving world without a degree. The hard in trying to make meaningful contributions to the scientific community and touch government sectors without a formal education. The difficulty of the mind in grasping for solutions to complex problems but lacking the theoretical foundation to connect with your higher-level knowledge, and the sense of feeling stupid for decades because of it. The hard in having to constantly prove you’re a better choice than the other candidate with a pedigree, no matter what level of experience you have in your field. Sure, you’re not me – I get that, but perhaps consider some of my experience spanning a tech career before you decide to quit school.

Good Medicine for Imposter’s Syndrome

Much of what we perceive about others in the workplace is their performatory character – what others are inviting you to believe about themselves; it’s an attempt to become the idealized version of ourselves by acting the part. Most of us are very competent in the field, but even still everyone gets imposter’s syndrome from time to time. For the self-taught professionals in tech, it can be the dead body we keep dragging around with us even while making advancements in the field. Some university graduates, too, have struggled with this decaying corpse that plagues the tech world. Left unchecked, it often leads to a devalued sense of self, depression, and even triggers other mental health problems – even in those whose performatory character would otherwise make them appear well put together. I got into professional tech work at the age of 16, some 32 years ago, at a small computer shop building PCs. Having never had the opportunities others had to go to college, I’ve had to grow and adapt my skillset over the span of my career. Imposter’s syndrome – and depression – has been along with me for much of my adult life. Even with what continues to be an excellent career at Apple, I’ve struggled with self-worth. Work environments can be nurturing and stimulating, and bring out the best in you; they can also be demotivating and devalue you – imposter’s syndrome can follow you around through both. I’ve figured a few things out about myself over the past 32 years that have helped me navigate some difficult environments. Nobody develops imposter’s syndrome overnight. Any sickness that is chronic requires a long term cure. There’s nothing anyone can tell you that will simply fix imposter’s syndrome; there are incremental ways to slowly recover from it though.

Oxford’s definition of imposter syndrome is the persistent inability to believe that one’s success is deserved or has been legitimately achieved as a result of one’s own efforts or skills. In tech, this usually means we feel stupid because we don’t think we have the understanding or mastery we think we should. It’s interesting, though – people tend to often feel like it’s because they’re not smart enough. We are definitely smart enough to do this job. The reason we don’t have understanding isn’t because we’re missing brain cells. One thing that computer science is good at is abstractions, and that allows us to work with and learn higher level concepts without needing knowledge of the world beneath it. One might say it’s what makes computing so great. Imposter’s Syndrome seems to prey on the benefits afforded to us by abstractions to introduce uncertainties about our abilities. But there is a way to think in such a way that allows for these abstractions to exist, where X can remain unknown and it won’t bother you, but simultaneously see a universe where X fits in.

If you look at a lot of the brightest minds in computer science, there’s a distinguishable acumen about them that goes beyond simply knowing the subject matter. They have a scientific mind; able to not only explain something, but they’re able to theorize and reason about it, and able to analogize. These are the kinds of skills that make for not only a good scientist, but a good engineer. It’s these same qualities that seem most desirable when we measure ourselves up, and often what smart assholes do such a terrible job trying to mimic. But this acumen doesn’t come from reading source code, mentoring by coworkers, or from reading The Imposter’s Handbook. These qualities come from a combination of foundational knowledge, methodical reasoning, and discipline. Things a lot of self-taught people like me don’t initially get a lot of exposure to. What I think a lot of people want to feel is that they are legitimate. That their knowledge isn’t fake or piecemeal, and that they are armed with the discipline to reason, make advancements, and solve complex problems. So here’s the pat on the shoulder: You’re probably very good at the subject matter you’re trained in, and you are no doubt intelligent if you are working in tech. Here’s the hard: The abstractions we work with in computing have allowed us to develop gaps, and those gaps make us feel really dumb sometimes. To treat your imposter’s syndrome, we’ve got to work at this.

Elon Musk Cannot Fathom Free Speech

I’ve recently written about the problems with social media in provoking speech and conformity, as well as the cult phenomenon that social media companies capitalize on. Elon Musk’s recent purchase of Twitter seems an apropos time to address the direct suppression of free speech.

Among Musk’s poorly thought out misadventures, he recently and rightfully reinstated the Twitter accounts of several journalists who had been critical of him in the past, whom he had previously rage-banned without warning. What’s really appalling to me isn’t that he suspended them in the first place (which was deeply troubling), but rather the guise under which he reinstated them. Like many of his twit-decisions, Musk started with a Twitter poll, regarded as having roughly the same credibility as a Russian election. This was followed with a decree that “the people have spoken”, referring to the disenfranchised twelve-year-olds, Russian trolls, and bots that vote on Twitter. Musk uses this business strategy, which cost $44 billion in research, whenever he wants to make a public policy decision that doesn’t involve putting people out of work. This policy-related polling seems almost an attempt to make the Twitterverse feel empowered by the new CEO.

Yet while Musk might have his users believe that they are now participants in the free speech narrative, the very concept of free speech itself is at odds with – even downright hostile to – the notion of crowd-sourced policy. The Bill of Rights was designed intentionally to “prevent a sheep and two wolves from voting on what’s for dinner”. It seems to elude Musk that the right of free speech exists at a level higher than himself; that, rather than handing it out by vote, he is a mere steward of it with the responsibility of defending it. The Twitterverse at large has not and should not be empowered to make decisions about what speech to permit, because doing so destroys free speech. Failing to understand the requirements of such a basic human right is a dangerous thing for someone dictating policy of any system that depends on it. Musk, rather, seems to lack either the capacity or the restraint to make responsible decisions about free speech, or how to distinguish free speech from misinformation (today’s “Fire!” in a crowded theatre). Musk’s inability to handle such a delicate instrument of civil society is truly terrifying given the sheer amount of unilateral power he now has over public discourse.

Twitter was already a sick animal when Musk took over not long ago; the idea of giving a popular vote on speech policy to all users is not just the adolescent prank it looks like, but stands to set a dangerous norm across all social media platforms unless users push back on such an offensive thing. A society that believes the people should be allowed to choose what speech is acceptable is a society that burns books and compels conformity. Musk is simply taking the first step by normalizing this type of behavior among the online community. Anyone who is a free speech advocate should be condemning, not participating in it. If Musk doesn’t start to apply his brain here rather than his ego, Twitter 2.0 could very easily resemble German Student Union 1.0. Empowering children over others was how things started to go wrong back then too.

I had struggled to propose a solution to this problem, at least as far as Twitter is concerned, and then awoke to the most appropriate and fitting news on the subject: Musk created another poll, in which Twitter users voted he resign his post as CEO. It seems he occasionally does poll before putting people out of a job.

The Art of Understanding

We cannot understand without wanting to understand, that is, without wanting to let something be said… Understanding does not occur when we try to intercept what someone wants to say to us by claiming we already know it.

Hans-Georg Gadamer

Users of social media are attracted to platforms supporting free speech and open communication. The business motivations of social media are too, but for a different reason. A social media company’s valuation is largely driven by user activity metrics, from which advertising and media value are derived. The free speech that users value often turns out to be provoked, induced through controversy or cult phenomenon. Platform disruptors help drive up user activity by provoking speech, which benefits the value of the platform. The more disruptors a platform has (and the more freedom they’re given), the more controversy and virality will exist to improve those metrics that drive valuation. Provoked speech isn’t really free. The consequences of a platform engendering controversy and virality can be seen in the obvious de-evolution of social norms online: civility is rare, cruelty is ever increasing, and understanding no longer has the currency it once had. Outrage pays.

Understanding is key to any civil society. In America, we usually don’t take the time to understand one another anymore, particularly online. Without fully appreciating someone’s perspective, we usually end up seeing others through our own universe of norms; through our “own lens” as one might say. But it is that person’s own culture, knowledge and norms that influence their prejudices, their beliefs, and their treatment of a subject. Their experiences – not ours – formed their views. The only correct way to understand someone then is through their lens, treating our own as an impairment begging for a corrective prescription.

One of the great modern philosophers Hans-Georg Gadamer saw the study of hermeneutics as a means of gaining understanding of “the other” through an effort to transpose a person’s experiences, prejudices, and culture in a way that it could be uniquely appreciated despite the narrowness of our own. Think of it as a translation problem. When the effort is successful, there is a broadening of horizons to better understand how “the other” formed their network of beliefs, free from our own prejudices and norms. The rather sterile and parochial word hermeneutics might remind you more of Sunday School than social media, or more the type of legal research often used to interpret historical law than explain the psychology of a news cycle. If you were to consult college texts, you’d walk away quite certain that hermeneutics has nothing to do with everyday life and is the thing of dry people doing even drier historical things. Yet the doldrum historical sciences that employ hermeneutics have been grasping at the same basic goal to understand, which we often lack in social media.

Edward Snowden in Hindsight

I only regret that I have but one life to lose for my country.

Nathan Hale

On the day of Nathan Hale’s execution, a British officer wrote of Hale, “he behaved with great composure and resolution, saying he thought it the duty of every good Officer, to obey any orders given him by his Commander-in-Chief; and desired the Spectators to be at all times prepared to meet death in whatever shape it might appear.” Nearly ten years ago, I viewed Edward Snowden as a slightly nerdier, yet similar patriot to the greats. I wanted to believe he was serving his country, and was unfairly targeted by the state for standing up for those beliefs. Much of tech did too, which is why this is an important discussion to have. It’s affected how the tech community views and interacts with government in many ways, with all of the prejudices it brought into play. For all the pontificating since then about freedom that Snowden has done, his taking up permanent citizenship in Russia, and his silence since the beginning of the war with Ukraine (except, more recently, to criticize the US once more), today I rather see the pattern of a common deserter in Snowden, rather than the champion of free speech that some position him as. If Snowden is to set the narrative for how tech views and responds to government, then our occasional criticism of his own behavior should be fair game.

During his time in Russia, we have seen the whistleblower system work effectively here at home. The details of Trump’s Ukraine call, and the subsequent freezing of security aid, seem rather relevant today. More impressively so, this same whistleblower system Snowden criticized worked against a sitting president having no capacity for restraint. The fruits of it were significant, and the process brought both public dissemination and a full press by Congress to protect the whistleblower. Mr. X, whose identity is still somewhat contested, was a hero. He stood up to the bully, knowing better than most how lawless the tyrant was, and of the angry mob he commanded. What happened to X? Very little, certainly far less than the charges Snowden brought on himself or the freedoms he gave up by not using the right channels. Instead of following process, Snowden fled the country under the Obama administration, who was a teddy bear compared to Trump. Snowden rejected this government process, insisting the whistleblower system was corrupt, using it as justification to leak classified documents, shortly before departing the country. In 2020, he asked us to excuse him again while he applied for Russian citizenship “for the sake of his kids”. Yet even in being proved wrong by a true hero like X while the country lived under a tyrant, Snowden continues to hide from the consequences of this terrible miscalculation.

CSI Zelda: Examining Counterfeit Famicom Disk Games

I’ve previously written about auditing a graded video game, and some of the techniques that can be used to authenticate them. Now, I bring to you a wonderful opportunity to demonstrate what some counterfeit games look like, and how to spot one. It was a cold December day, when I came across an auction on Yahoo JP by seller hiroki888dorakue: a sealed Legend of Zelda (Zelda no Densetsu) Famicom game listed as “new” and “unopened”. Not only new, but this item has the coveted yellow “Disk System” text in the upper left corner, which only exists on early issue versions (v.0) of the game. For those who aren’t familiar with Famicom, Nintendo released the Famicom system in Japan prior to the US version known as the “NES”. The Japanese version of the “NES” was way cooler than what we had, and had many accessories that our American systems didn’t – 3D glasses (Rad Racer and Falsion look great), a keyboard with BASIC, a revolver (explaining the western theme of games that were strangely released in the US with a futuristic Zapper gun), and the beloved Famicom Disk System. Many popular titles were initially released on the Disk System before they landed in the United States in NES cartridge form factor. Legend of Zelda, released in the US in August 1987, was first released on disk in February 1986 in Japan. The Disk System had many neat features, including a PCM sound channel, giving this first version of Zelda a superior soundtrack. I own three additional copies of this game, two with the yellow text and one with the white text, a change Nintendo made in later production runs.

The Famicom Disk System made it relatively cheap to get a new game. Nintendo set up Famicom Disk Writer kiosks across Japan, where kids could put down a few Yen and get a brand new game written on their old disks. They would also be given a fresh set of labels for the game. This service, which was very awesome if you were a kid, became very popular in Japan until Nintendo discontinued it due to heavy piracy. Unfortunately, the ability to easily copy and relabel disks is also one of the many reasons counterfeiting Famicom Disk System games is so easy.

Today, there are numerous collectible counterfeits of popular (and expensive) titles on the market. A typical counterfeit looks like a brand new, sealed copy of a title but may actually have a fake seal, reproduction inserts, and possibly even a disk that used to be something mundane, like Golf, relabeled with fresh Disk Writer or reproduction labels. In this post, I’ll take a look at a few such counterfeits and point out some of the ways to detect them in your own collection.

The seller of this Zelda title had 70 positive reviews and only one negative review, which would lead some to believe he’s trustworthy. Most Japanese proxy bidding sites, however, often require hundreds of positive feedbacks before they’ll even allow you to buy from a merchant. There are other problems on the American auction sites. For example, user geisha-export has sold me a few counterfeits in the recent past, but when eBay issues a refund, the seller can have their negative feedback removed. As a result, no one knows that some of these sellers are cashing in on fakes.

Auditing a Graded Video Game

Anyone who’s read my blog knows that I am not a fan of video game grading. Grading companies, in my experience, do marginal quality work, and at a superficial level that cannot be audited once an item has been sealed. The holy plastic WATA box is all too often used to convince sellers that their item somehow has more value than it actually does, and buyers the frustration of passing over finds because of greedy sellers who drank the kool-aid. Overall, video game grading has done more harm to the hobby than good.

I was lucky enough to find one seller who must have been frustrated that their VGA graded game hadn’t sold for the inflated prices they were led to believe they could get for it, and so I made a reasonable offer on it based on what an ungraded sealed copy would cost me. They accepted. I decided to use this as an experiment to crack open the enclosure and audit VGA’s work, and thought I’d share my findings so that the community would know what to expect a graded game actually looks like behind the plastic.

Authenticating Early Nintendo Systems and Games

“How can you have money,” demanded Ford, “if none of you actually produces anything? It doesn’t grow on trees you know.” “If you would allow me to continue…” Ford nodded dejectedly. “Thank you. Since we decided a few weeks ago to adopt the leaf as legal tender, we have, of course, all become immensely rich.” Ford stared in disbelief at the crowd who were murmuring appreciatively at this and greedily fingering the wads of leaves with which their track suits were stuffed. “But we have also,” continued the management consultant, “run into a small inflation problem on account of the high level of leaf availability, which means that, I gather, the current going rate has something like three deciduous forests buying one ship’s peanut.” Murmurs of alarm came from the crowd. The management consultant waved them down. “So in order to obviate this problem,” he continued, “and effectively revalue the leaf, we are about to embark on a massive defoliation campaign, and… er, burn down all the forests. I think you’ll all agree that’s a sensible move under the circumstances.” The crowd seemed a little uncertain about this for a second or two until someone pointed out how much this would increase the value of the leaves in their pockets whereupon they let out whoops of delight and gave the management consultant a standing ovation. The accountants among them looked forward to a profitable autumn aloft and it got an appreciative round from the crowd.

Douglas Adams, The Restaurant at the End of the Universe

Ask any frustrated retro-gamer, and they’ll tell you the past couple of years have seen a fake market bubble to jack up game prices. What appear to be credible allegations of fraud and collusion have surfaced between grading companies and auction houses, such as WATA Games and Heritage Auctions, which hopefully will mean fair prices will start to return to a hobby that was previously only frequented by hardcore nerds, rather than investors. But along with this fake gaming bubble came another new phenomenon: fake, high dollar “premium” Nintendo collections. One particular peeve of mine is the introduction of fake “test market” NES sets appearing on auction sites. A “test market” system is a reference to the first hundred thousand units sold as part of a limited release in 1985, before Nintendo knew whether the consoles would be viable. Nobody wanted to carry video games after Atari crashed the market in 1983, and so Nintendo USA, without telling their Japanese parent company, promised retail stores a refund for any unsold systems and a 90 day line of credit. They ended up selling nearly 62 million consoles. Those first 100,000 trial market systems are now considered by collectors to be the Holy Grail.

They’re also fraught with fraud, due to the prices they can fetch, especially if you find one graded. Many fraudulent test market systems include a few genuine components from the original box, but were either missing parts or pieced together. Because they came with the full caboodle – the Zapper, R.O.B., controllers, and two games – a lot of pieces can get lost or broken over time. The replacement parts included at auction often include retail parts from after Nintendo’s worldwide release, severely diminishing their value. Any test market system today could easily include post-release cartridges, light guns, robots, controllers, manuals, boxes, or even circuit boards; buyers and sellers generally believe there’s no way to tell the difference. All too often, someone will buy an empty test market box and throw something together with junk from eBay, selling a $200 system for thousands. In some extreme cases, even the original NES main board would be swapped out for a release board, leaving the only authentic parts the plastic shell! Such fraud can happen with individual games too. These shenanigans ruin the legitimacy and the value of the asset. Fakes have always existed, but with the inflated prices sellers think they can get these days, hobbyists and collectors stand to lose a lot more money than ever thought. Up until recently, test market systems have been considered “a real treat” when found in great condition, but thanks to a manufactured gaming bubble, they’re now fetching big money – and with that comes a lot of people looking to rip you off.

The Only Winning Move is Not to Play

Little fanfare has been given to the story of a glitch in an experimental AI game from 2019, but the results seem rather poignant to me. To summarize, the AI decided that committing suicide at the beginning of the game was the best strategy because the game was too hard, and it meant fewer points

Biden Should Take the White House off of Twitter

The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and disenfranchised twelve-year-olds. Let us stop and reflect on the stupidity and pettiness of this argument. What the Biden administration really should be thinking about is whether to close @potus and get the White House off of Twitter completely.

Social media, especially Twitter, has year after year been on a steady course of devolving into one of the most toxic and unpleasant public gatherings on the Internet. Long before Trump took office, social media was the leading source of disinformation, threats, harassment, toxicity, and division. Combined with a platform that adopts thought-terminating loaded language hash tags (e.g. #StopTheSteal) and abbreviated messaging that lacks critical thought, Twitter has long been a platform designed to capitalize on the cult phenomenon. Twitter has been not only markedly complicit, but in a position to profit off of the toxicity, disinformation, and abuse it allows by the Trump administration and other public officials who’ve started emulating the behavior.

PSA: Someone is Impersonating Me Online

Over the past few months, a small group of individuals have been impersonating me online using fake email addresses, shell accounts, and other mediums. These individuals are skilled at social engineering, and are also criminally dangerous. So far, the purpose seems to be attempts to gain access to confidential information, and to create proxied (MiTM’d)

Truth is not Partisan

If you watched yesterday’s senate judiciary hearings with CEOs from Twitter and Facebook, two things would have stuck out to you. First, why is Jack Dorsey addressing the senate from the kitchen department at an IKEA? Second, how did a judiciary hearing about misinformation campaigns somehow turn into a misinformation campaign itself? At the heart

On the Psychological Demands of Working From Home

As the angst and stir-craziness start to set in from the world suddenly being forced into lockdown, I’ve seen a lot of articles about working from home, by people in all walks of life, from programmers to astronauts. Most of them offer practical beginner advice, like go outside, plan a schedule, etc. etc. That’s all good advice to take in, but after a few weeks, you’re probably realizing there’s a lot more to making this work well. As the reality of our predicament is starting to sink in, it’s important to start thinking about the psychological demands of working from home. I’ve spent the better part of my 25 year career working from home, and when I started thinking about what, if any, wisdom I could share on how to make it work well, found that I’d come up with a lot of the same things I’d already shared in a post two years ago, Living With Depression in Tech. Working at home has some fantastic benefits, but also challenges that go far beyond basic discipline development. Being productive and successful at home comes down to changing your perspective – focusing on the impacts you’re having, believing in what you’re doing, and finding ways to grow and thrive on your own so that you can maintain your drive over the long haul.

Living with Depression in Tech

I’ve been trying to avoid writing about depression for a while now. Almost nobody in tech wants to talk about things like this. A stigma still very much exists around mental illness, and in tech with all its flaming, trolling, and fragile manhood egos, people have learned to be thick-skinned. It’s taken me years to realize that I never stopped struggling with depression throughout my dysfunctional childhood, and I’ve carried it through my teens and adult life with me. I was diagnosed and medicated as a teen, but didn’t fully understand that it still haunted me, playing the same old record grooves in my brain in adulthood. As my thyroid disease began accelerating, I needed to work even harder to maintain balance or the world would come crashing in. Struggling through my career and relationships, things became easier after I understood what was going on inside of me. I feel a certain responsibility to bring to light what is likely a widespread issue in the tech community.

Depression can manifest itself in various forms for different people, and my story isn’t “everyone’s” story. I can only write from my own personal experiences. Most of this has had lifelong personal struggles unrelated to work, and while one can probably deduce this, the focus of this post is handling professional challenges. You might identify with some of these issues, and that’s great if this post helps, but it also shouldn’t be used for self-diagnosis. Depression has been far worse than the details I’m willing to share publicly, and if you think you may be depressed, you should seek professional counseling.

I have no background in psychology; I’m just sharing what works for me. I have no background in medicine either, and having been on and off medication, I can’t recommend one way or the other. I do know that all medication has its limits, so learning how to cope is an important part to having a complete life plan. At the end of the day, I can’t solve your depression (or mine), but I can share how I’ve coped with it, and won some victories. This is a survival story that hopefully might have some meaningful advice for others.

How Social Media Changed Us

The current young generation will soon have grown up without ever knowing what it’s like to not have social media. They’re also growing up without a sense of how society was before social media came into play. Whether you use social media or not, it’s likely affected your life because it’s changed how people relate to one another – including you. While there are many good aspects of social media and the concept of bringing people together, there are also many negative changes it’s had on how we relate to one another.

I’ve spent a lot of time observing others and how social media has affected them online over time, and seen the problems it can create. For me personally, I’ve never been happier to be off of social media than the past year or so when I finally ditched Twitter for good. Twitter is a creepy and toxic place, which seems to be exactly what their CEO wants it to be. I found that I didn’t like the person I had to become in order to stay on it. Most social media is a dumpster fire, but Twitter was a particularly awful experience. It simply isn’t worth the stress and distraction in order to relate to a bunch of randos on the Internet whose only goal in life is to cause misery. Social media doesn’t deserve to have the power to change you, but they do. Getting back to the humanity of relationships is almost like waking up from a bad dream: you’d almost forgotten the goodness in what normal relationships with others (professional, friendships, etc.) feels like.

So at the risk of the next generation never knowing what it’s like to have a normal relationship with others, I’ve written down just a few of the things that are important in building friendships and other types of relationships – things social media seems to have endangered… at least, from the perspective of this old Gen-X’er. Writing all of this makes me really miss how people were before social media existed.


On the State of Open Source

I was just a teenager when I got involved in the open source community. I remember talking with an old bearded guy once about how this new organization, GNU, is going to change everything. Over the years, I mucked around with a number of different OSS tools and operating systems, got excited when symmetric multiprocessing came to BSD, screwed around with Linux boot and root disks, and had become both engaged and enthralled with the new community that had developed around Unix over the years. That same spirit was simultaneously shared outside of the Unix world, too. Apple user groups met frequently to share new programs we were working on with our ][c’s, and later our ][gs’s and Macs, exchange new shareware (which we actually paid for, because the authors deserved it), and to buy stacks of floppies of the latest fonts or system disks. We often demoed our new inventions, shared and exchanged the source code to our BBS systems, games, or anything else we were working on, and made the agendas of our user groups community efforts to teach and understand the awful protocols, APIs, and compilers we had at the time. This was my first experience with open source. Maybe it was not yours, although I hope yours was just as positive.

It wasn’t open source that people were excited about, and we didn’t really even call it open source at first. It was computer science in general. Computer science was a brand new world of discovery for many of us, and open source was merely the byproduct of natural curiosity and the desire to share knowledge and collaborate. You could call it hacking, but at the time we didn’t know what the hell we were doing, or what to call it. The environment, at the time, was positive, open, and supportive; words that, unfortunately, you probably wouldn’t associate with open source today. You could split hairs and call this the “computing” or “hacking” community, but at the time all of these things were intertwined, and you couldn’t tease them apart without destroying them all. Perhaps that’s what went wrong: eventually we did.


Free Software Always Costs Something

Back in the late 1960s, University of California, Berkeley, published its first public BSD licenses promoting free software that could be reused by anyone. A few years later, in the 70s, BSD Unix was released by CSRG, a research group inside of Berkeley, and laid the foundation for many operating systems (including Mac OS X) as we know them today. It gradually evolved over time to support socket models, TCP/IP, Unix’s file model, and a lot more. You’ll find traces of all of these principles – and very often, core code itself – still used 50 years later in cutting edge operating systems. The idea of “free software” (whether “free as in beer” or “free as in freedom”) is credited as a driving force behind today’s technology, multi-billion dollar fortune companies, and even the iPhone or Android device sitting in your pocket. Here’s the rub: None of it was ever really free.


How App Store Apps are Hacked on Non-Jailbroken Phones

This brief post will show you how hackers are able to download an App Store application, patch the binary, and upload it to a non-jailbroken device using its original App ID, without the device being aware that anything is amiss – this can be done with a $99 developer certificate from Apple and [optionally] an $89 disassembler. Also, with a $299 enterprise enrollment, a modified application can be loaded onto any iOS device, without first registering its UDID (great for black bag jobs and the intelligence community).

Why not to rely on self-expiring messaging apps

Now, it’s been known for quite some time in the iPhone development community that you can sign application binaries using your own dev certificate. Nobody’s taken the time to write up exactly how people are doing this, so I thought I would explain it. This isn’t considered a security vulnerability, although it could certainly be used to load a malicious copycat application onto someone’s iPhone (with physical access). This is more a byproduct of developer signing rights on a device, after it’s been enabled with a custom developer profile. What this should be is a lesson to developers (such as Snapchat, and others who rely on client-side logic) that the client application cannot be trusted for critical program logic. What does this mean for non-technical readers? In plain English, it means that Snapchat, as well as any other self-expiring messaging app in the App Store, can be hacked (by the recipient) to not expire the photos and messages you send them. This should be a no-brainer, but it seems there is a lot of confusion about this, hence the technical explanation.

As a developer, putting your access control on the client side is taboo. Most developers understand that applications can be “hacked” on jailbroken devices to manipulate the program, but very few realize it can be done on non-jailbroken devices too. There are numerous jailbreak tweaks for unlimited skips in Pandora, to prevent Snapchat messages from expiring, and even to add favorites in your mentions on TweetBot. The ability to hack applications is why (the good) applications do it all server-side. Certain types of apps, however, are designed in such a way that they depend on client logic to enforce access controls. Take Snapchat, for example, whose expiring messages require that the client make photos inaccessible after a certain period of time. These types of applications put the end-user at risk in the sense that they are more likely to send compromising content to a party that they don’t necessarily trust – thinking, at least, that the message has to expire.


A Warning to the Tech Community on Abusive Journalists

Below is a letter I’ve sent to Royal Media today regarding a journalist who has gone far beyond his ethical and professional boundaries to harass and attack me. Why, you ask? Because I didn’t think a particular subject I was researching was credible enough yet to warrant a story. I wanted to bring this to the attention of the tech community as a lesson to be very careful about which journalists you choose to speak with. When you have new findings to share, the choice of which journalists you discuss them with can be harmful if you choose unethical or unprofessional reporters, who are not willing or able to come to an understanding of the details surrounding your work.

Unfortunately, this is not the first time I have had to deal with less than ethical journalists. If you recall, I’ve recently had to deal with a smear campaign from a ZDNet writer, who seemingly used her position in journalism to launch a libelous attack against me, motivated by my religious beliefs (or what she thinks they are), with the full support of the ZDNet staff, who never took any action. Sadly, today, any hack can become a “reporter”, in today’s sense of the word, regardless of what kind of journalism training, or even ethical training, they’ve had. News agencies rarely hold their own writers accountable, especially in tech, where misogyny / misandry thrive, and where personal attacks generate headlines.


Ballistic Has Been Acquired

To my fantastic Ballistic customers,

It’s been an incredible six years watching Ballistic grow from a humble trajectory computer to top the charts as the App Store’s most popular field firing system. Ballistic has grown organically – a rarity in this industry – through word of mouth, and nothing more. Not a single penny was ever spent on advertising to grow Ballistic, and yet it’s been featured in the NRA’s rifleman magazine, reviewed in a number of online magazines and blogs, and is now used by many world class competition shoots, military, and police sharpshooters. It has become a trusted name in the industry, and for that I am deeply grateful to all of you who have told your friends about it, and helped support the product with great ideas and requests.

Many of you have been asking me when an Android version is coming, or when other platforms will be supported, or new hardware that’s just now coming out, and are eager to see Ballistic continue to grow in capabilities. There are a lot of great new things that can be done with Ballistic, and I think there’s much more in store. I can’t do all of this alone, though, and so I’ve been in talks over the past few months with a team who has the resources to take the Ballistic suite of products to the next level.
