Useful Political Analogy

On a recent visit home, my mother and I got into it over the value of government services, and whether it was worthwhile to go into deficit to support social programs. I don't know if I was able to communicate my idea that government has economic value, even though it doesn't directly produce wealth (her phrase, arguably put, but I hope my meaning is clear).

C.L. Hanson at Letters From A Broad posted an essay about the public/private divide in which she uses the analogy of a lighthouse.
I think the classic example from economics 101 is the lighthouse. In a coastal city, no private individual or corporation profits enough from the lighthouse to pay the entire cost of building it, but the entire city profits from the trade that is made possible by affording ships safe access to the local harbor.

Well, either I didn't get that analogy, or I didn't remember it from Economics, so I'll try to remember it for the next time it comes up. (Emily really hopes it doesn't come up.)

My First 3D Nebula

Obviously everything in space is three dimensional, but you get pretty used to 2-d images of the sky. If we saw the Big Dipper from a different angle it would look totally different (lesson plan pdf for teaching this to kids). Even though I knew this academically, and I even had an image in my head of the spatial arrangement of things, I always imagined nebulae as clouds (I suspect Star Trek may have led me astray). This fellow, J-P Metsävainio, has developed a method to gather some distance information to simulate an exaggerated parallax for stellar objects. The result is an animated gif that simulates maybe 10 degrees of rotation of a nebula called IC 1396. It's pretty awesome (but 7MB, so I'm putting it below a cut).


via Bad Astronomy

Heart Swelling Beauty

I've been catching up a little on some Bad Astronomy while I wait for sucktastic Open Office to apply a filter (for some reason it's really slow on Ubuntu 10.04, compared to a Windows VM running on the same system). [Just checked, it's still working.] And I found two posts that just make my heart swell:
Image credits: NASA, ESA, and the Hubble Heritage Team (STScI/AURA)
With the second one, I recommend you take a moment to download the full image (huge, 60MB), and look at it on the largest monitor you have.

Look at how breathtakingly vast and complex the universe is, and every point of light could have planets with people looking up and wondering the same thing.

I think I have something in my eye.

Sexism Hurting Men

There's this idea that sexism (in the traditional direction of the term: men are superior to women) largely hurts women, but it causes issues for men too. There's a TED talk about the "Man box": acceptable activities for men are limited by what is manly. Here's an example about how sexism hurt laptop adoption.
Though Hawkins doesn't quite say it. There is a distinct gendered component to this discomfort. Typing was women's work and these business people, born in the 1930s and 1940s, didn't scrap their way up the bureaucracy to be relegated to the very secretarial work they'd been devaluing all along.

Because -- and here comes the psychological reason -- they were not good at the work that their female employees had been doing. And that made them feel bad.

via Skepchick

TIL Historical Particularism

There's a pretty good article up on Skepchick today about Franz Boas (who revolutionized anthropology).

It's a good article, and makes him sound like a pretty interesting person, but the passage I got focussed on was about Historical Particularism.
Historical particularism is the idea that societies have particular or unique histories that inform how their cultures evolve. This concept is in direct opposition to the prevailing unilineal evolutionist paradigm of that time, which stated that all societies evolve teleologically through the same stages (as explicitly laid out by E.B. Tylor’s progressive stages from “primitive” to “civilized”).

This was interesting to me because I internalized an opposite idea from Star Trek. In multiple episodes of TOS and TNG, characters would describe the progression of various worlds in a linear way (Wikipedia uses "parallel evolutionism" instead of "unilineal"). There are two different "Industrial Scale"s used in TOS, Hodgkin's law of parallel Earth development is cited, and yet the crew is shocked when industrial Rome is polytheistic in "Bread and Circuses". The Richter Scale of Culture is busted out in "Errand of Mercy" too. I can't at the moment recall any TNG examples aside from references made to "like Earth in the Xth century".

I have idly wondered if such chains of events would necessarily occur in the shaping of a culture at the zoomed-out level that Star Trek examines, since the individual culture aspect obviously hasn't been borne out (it blew my mind the first time I talked to a Muslim about alternate banking structures). Now I have a label to put on that musing. I think it would be fascinating to see if similar sorts of culture were to dominate on an alien, but not-too-alien world.

via Skepchick

Great Explanatory Article on Password Security

I never understood what hash salting was until I read this. A really good article which explores all the angles on making a basically secure web-app, with a lot of examples.
So the lessons for developers:

  1. Password storage should always be done using a strong hashing algorithm. It should be one designed for password storage and also use a cryptographically random salt. It also must be a slow hashing algorithm – read Our password hashing has no clothes if this is a foreign concept.

  2. Password retrieval should never happen. Indeed it can’t if you’ve implemented the previous step correctly. Always implement a secure password reset process. Read Everything you ever wanted to know about building a secure password reset feature for some tips on this.

  3. Never mix HTTP content into your HTTPS pages. If HTTPS is important to you – and it should be – either explicitly refer to the HTTPS protocol in your references or even easier, use protocol relative URLs. There’s plenty of info in OWASP Top 10 for .NET developers part 9: Insufficient Transport Layer Protection.

  4. Always send authentication cookies over HTTPS. These are almost as valuable as the password itself; it gives anyone who holds them the rights to perform any tasks the user who originally authenticated to the system can. See the link in the previous point for more information.

  5. There should never be restrictions on password entropy. Don’t exclude special characters, don’t chop the length at a short, arbitrary limit (if you have to, make it 100 chars or so) and definitely don’t implement a system which is case-insensitive. See Who’s who of bad password practices – banks, airlines and more for more common mistakes.

  6. Ensure basic security configurations are correct. Tracing is off, custom errors are on, a default redirect page exists, debug mode is off, etc. This is obviously for ASP.NET, but there are parallels in other web stacks. Check your .NET apps with ASafaWeb.
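
To make lesson 1 concrete, here is a small Python sketch of salted, slow password storage next to the unsalted fast hash it replaces. It is an added example, not code from the linked article or from this blog; the record format, the function names and the choice of PBKDF2-HMAC-SHA256 with 600,000 iterations are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"  # assumed record label for this sketch
ITERATIONS = 600_000         # assumed work factor; tune to your hardware
SALT_BYTES = 16


def unsalted_fast_hash(password: str) -> str:
    """Weak pattern, for comparison only: one fast hash and no salt."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a storable record: algorithm$iterations$salt$derived_key."""
    salt = os.urandom(SALT_BYTES)  # cryptographically random, new for every user
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    encoded = (base64.b64encode(part).decode("ascii") for part in (salt, key))
    return "$".join([ALGORITHM, str(iterations), *encoded])


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    try:
        algorithm, iterations, salt_b64, key_b64 = record.split("$")
        if algorithm != ALGORITHM:
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(key_b64, validate=True)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, int(iterations)
        )
    except (ValueError, OverflowError):  # malformed or corrupted record
        return False
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    pw = "correct horse"
    alice, bob = hash_password(pw), hash_password(pw)
    print("unsalted digests equal:", unsalted_fast_hash(pw) == unsalted_fast_hash(pw))
    print("salted records equal:  ", alice == bob)
    print("alice verifies:        ", verify_password(pw, alice))
    print("wrong case verifies:   ", verify_password("Correct Horse", alice))
```

The stored record carries its own salt and iteration count, so the work factor can be raised later without breaking existing logins, and nothing in it lets the original password be retrieved (lesson 2).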

Heights of Human Endeavour

It's amazing to think about the inspiring heights NASA has reached, the complicated problems they have solved, and the edge-of-seat hanging feeling they still give you with descriptions of the real things they are doing. I would love, one day, to go to space and another planet, so long as it didn't mean saying goodbye forever to my friends and family on Earth.

Curiosity video via Pharyngula
Mars One via Sci-ence