Posts

Your silly email parser is not good enough

Read and weep. The originators of the internet have deemed this (RFC 5321, 5322) to be a valid email address:
Address: <(!) "foo;bar,shar!" (woof """) @ (blah; zar, far) +-!~.example.com (???)> Local part: <(!) "foo;bar,shar!" (woof """) > Domain: <+-!~.example.com> Domain is VALID according to RFC 5322The text inside parentheses are comments. Yes, our forefathers saw it fit to allow email addresses to contain comments. Maybe to include instructions for the postman.

The local part is preserved exactly as-is because of the following:
"Consequently, and due to a long history of problems when intermediate hosts have attempted to optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address."Detailed analysis of the address's structure:
Root at 1:1 addr_spec at 1:1 local_part at 1:1 quoted_string at…

Facebook predictions: The campaign against Zuckerberg is about message control

Context: Like Google, and the rest of the almost-parasitic surveillance capitalism, Facebook is a snooper. Like Google, they position themselves to be unavoidable:
Through Google Analytics, Google is there on most websites you visit. Through popular web frameworks like React, so is Facebook.If you use Android or a Google app, Google knows everything about you through your phone. If you use Facebook, Instagram or WhatsApp – so does Facebook.Observation: There is currently a media campaign against Facebook. This campaign is:
Coordinated. Facebook hit pieces are appearing across a variety of media outlets.Persistent. Facebook hit pieces have been appearing since Donald Trump's election.Misleading. A headline will say Facebook shared your private messages with Netflix. It turns out Netflix had technical ability to access your messages as part of a cooperation to insert video into chat. The article emphasizes how a Netflix developer might have abused this. Facebook developers can do that…

Simple things that do not work in the US

In the well-established tradition of being a grumpy person who complains, I can't resist describing a couple unexpected things a European might expect would work in the US, which do not work well at all.

In this post, I avoid major things. If I didn't, I'd have to start with the US medical system. Or the extortion-enabling software patent system. Or the gerrymandering of political districts. Or first-past-the-post voting instead of ranked-choice. Or the lack of any accountability by the "news media" - of any brand - to report what's true and important, and to not misinform with what's false and unimportant.

You get the gist. This is about a couple of everyday things.
Dysfunctional TelephonesUnlike any other country I've lived in, in the US you can expect to be bothered by illegal spam calls with faked caller ID numbers multiple times a day. I'm in the "Do Not Call" registry, yet today I'd been up for 4 hours and had already received t…

Redditors with absolute powers

For the past few years, I've been conducting an experiment. It began unconsciously, simply because my obstinate character has sparked conflict. (I'm trying to defuse this tendency.) However, I've continued because I realized what was happening to me was unfair, and the problem was bigger than me. In the absence of external limitations, I wanted to see how much of a reason people need to indulge their power in unfair ways.

I'm talking about Reddit moderators. Though their power is a despot in a teapot, these are as close to "divine beings" with absolute power as we have. Even police officers – who in the US can kill people at random, or throw flash grenades into children's cribs – even they face inconvenience. They might hear a reprimand from their boss, their department might face a lawsuit, there may be media attention. There might even be a grand jury, though almost never an indictment.

In a virtual community though, there are no consequences for a mod,…

Faux stoicism of the confused libertarian / Trumpian variety

I recently read about a woman who committed suicide. She had a degenerative muscular condition that was kept in check by expensive medicine. Under Trump, funding to two of the programs she used was cut. The supplier of the medicine that kept her from dying a slow agonizing death announced billions in profits and a price increase in the same week and she wasn't going to be able to afford it. One of her last posts was that she had about a week's supply left. She put a message on a group board asking someone to come pick up her cats and take them to her mother's house and hung herself.

If one tells this story to the right people – to many of the Trump supporters – they are willing to say "good riddance" to this person to one's face. They feel no one should be forcing them to pay for other people's health care, and if people with degenerative conditions die, that's a righteous outcome of natural selection.

Very likely, the pills she needed were only artif…

Dunning-Kruger effect in academic subjects without test of truth

Earlier this decade, a computer simulation showed that, because of the Dunning–Kruger effect, a democracy cannot consistently elect better than mediocre people:
Mato Nagel, a sociologist in Germany, recently implemented Dunning and Kruger's theories by computer-simulating a democratic election. In his mathematical model of the election, he assumed that voters' own leadership skills were distributed on a bell curve — some were really good leaders, some, really bad, but most were mediocre — and that each voter was incapable of recognizing the leadership skills of a political candidate as being better than his or her own. When such an election was simulated, candidates whose leadership skills were only slightly better than average always won.I'm not sure if anyone has tried to research this further. However, it comes to mind that if this result is true, it can be extended to academic fields of study.

Education is commonly divided into STEM – science, technology, engineering, m…

We kept it gray

Image
Thanks to the work, feedback, and help of many others over a period of years, I can now call myself a published author! (*)

(*) Technically correct - the best kind of correct!

RFC 8308: Extension Negotiation in the Secure Shell (SSH) Protocol
RFC 8332: Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell (SSH) Protocol

Though to be completely correct – the first was this small but honorable mention in 2012:

RFC 6668: SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol

This Futurama quote is now applicable to me as well. :)