Category Archives: curiosity

Things I want to learn more about. Things I have just started to explore.

i live in a hologram with you

I am obsessed with this album. https://en.wikipedia.org/wiki/Pure_Heroine

There are so many gems in the lyrics. They all break my heart. I love the way “I’m kinda tired of being told to throw my hands up in the air, so there” is old and young and something about her voice, her voice, her voice.

I can’t stop listening to Buzzcut Season. The octave piano on the off-beat already feels like an old friend.

I am so heartbroken by this song. Here are the lyrics I hear. I looked them up after I typed them out. What I hear (recorded below) is slightly wrong, indicated by corrections in brackets for no really good reason other than I think it’s kind of entertaining to write down what I thought the lyrics were before I knew what they are in canon.

I remember when your head caught flame.
It kissed your scalp and caressed your brain.
(I remember when your head caught flame.)
Well, you left. Baby, it’s okay. [Actual lyric: “‘Well,’ you laughed, ‘baby it’s okay'”]
It’s buzzcut season anyway.
(Well you left. Baby, it’s okay.)

Explosions on tv, and all the girls with heads inside a dream.
So now we live beside the pool, where everything is good.

We ride the bus with the knees pulled in.
People should see how we’re living.
(We ride the bus with the knees pulled in.)
Shut my eyes to the song that plaaaays. (that plaaays.)
Sometimes this has a hot, sweet taste.
(Shut my eyes to the song that plays.)

The men up on the news, they try to tell us all that we will lose,
but it’s so easy, in this blue, where everything is good.

And I’ll never go home again.
Place the call, feel it start, favorite friend.
And nothing’s wrong, but nothing’s true: [Actual lyric: “nothing’s wrong when nothing’s true”]
I live in a hologram with you.

Where all the things that we do for fun [Actual lyric: “We’re all the things that we do for fun”]
cannot be, let it go, [Actual lyric: “And I’ll breathe, and it goes”]
play along, make-believe, it’s hyper-real
but I live in a hologram with you.

The cold earth, the burnt-out taste; [Actual lyric: “The cola, the burnt-out taste”]
I’m the one you tell your fears to.
There’ll never be enough of us.

Explo-
sions on
tv, and all the girls with heads
inside
a dream
so now we live
beside
the pool
where everything is good

And i’ll never go home again
place the call, feel it start, favorite friend
And nothing’s wrong but nothing’s true
i live in a hologram with you

where all the things that we do for fun
cannot be, let it go,
play along, make-believe, it’s hyper-real
but I live in a hologram with you.

Screen Shot 2013-10-07 at 2.53.20 PM

Number stations

I’m creeping myself out listening to this BBC Radio 4 segment on number stations!!!!

you are about to enter a very strange world: a world of alleged spooks and spies, of conspiracies and covert operations, of illicit transmissions across the globe to secret agents on undercover operations. or perhaps just a world of fantasies, in the grip of a cold war hangover, imagining it all, just to fulfill their big brotherly paranoia. either way, what i’m about to show you is, at the very least, curious, and possibly very scary indeed.

With an intro like that, how could you possibly NOT stop whatever you’re doing and listen? I haven’t got tons and TONS of hours of listening to radio under my belt, but when I transcribed that opening passage, I realized how different speaking can be from writing. Pauses and sentence fragments.

I kind of love this xD I came across it from the musewiki page on “Isolated System.” ahhhh!!!!!!

Angaza Design won Women2.0 PITCH 2013!

I went to Women 2.0’s conference in SF last week on Valentine’s day! I had gone last year too, when it was at the Computer History Museum. This year it was right by Union Square, at the Westin.

It’s always an amazing event. So many inspiring stories.

The winner of the pitch contest was an incredible company called Angaza Design. Their product: a solar unit that can charge cell phones and power LED lights. Their customers: entrepreneurs and families in west africa, in a region where only 15% of people have access to the electrical grid. Their secret tech: pay-as-you-go energy, where you have to unlock energy with mobile payments. Mobile payments are popular there, and the way that the solar unit gets information about how much more energy has been unlocked is amazing. The unit has a speaker and mic, and the customer holds up their mobile phone to the unit, and the server communicates to the unit through the mobile phone via a series of tones, telling the unit how much more power to mete out. The unit also communicates usage and status stats back to the server. Their team has a signal processing expert on it for this. THIS IS CRAZY AWESOME! Cell coverage is apparently very good in the region, and many people have feature phones (some around here call them “dumphones”)–I think it’s amazing because it’s using available technology and infrastructure in a novel way. I can’t believe they’re doing it like this. As someone who loves it when people find weird new ways of using existing tech, I think this is awesome.

As they pitched it, it sounded like the model for pre-paid cell phones: pay for a unit, then pay for minutes (or, in this case, energy). When asked by the judges, the CEO said that the unit costs the business $35 to make and they are charging $10 per unit, because it’s a significant enough investment that people are thinking about it, but not so costly as to shut out a large portion of their market. (One of the judges asked specifically if $10 was too much for the area.) The point is that you sell the unit at a loss and make money off of the minutes (energy). That night, I was thinking about it more, and wondered if they’d keep making money off of the energy produced by the unit forever, and how it was breaking my brain because the old “charity” way would be to do some kind of Kiva-ish campaign and get people to give out units for free without metering and provide power to a bunch of people … but then there’s this project to fund Angaza on SunFunder, which explicitly states: “When they’ve paid the full price of the product, the SoLite is permanently “unlocked” and our customers get free, clean, reliable energy for the remaining life of the unit.” This makes me feel better. As long as the metering is actually a way to “pay the full price of the unit” — Angaza makes money, it’s accessible to more people because the onboarding cost is way lower, sounds like everybody wins.

It’s a fascinating blend of social good and capitalism. The SunFunder campaign is not Kiva-style where the money or even devices bought by the money go directly to the families in Mwanza — the campaign was to raise money for the American company Angaza, so that Angaza could make the product and bring it to Mwanza and sell it to people there. I guess a benefit of doing it this way is that if you make money doing it, you’ll keep doing it, and you won’t have to rely on public charity. It’s business. It’s… sustainable. (see: tom’s shoes, which has a non-profit and a for-profit arm.)

When one of the judges made a comment about social good, the CEO spent some time saying they didn’t want to get “pigeonholed” into a “social good company,” because the potential for revenue in this business is huge. That was fascinating to me. She said that it was great to help people, but kept mentioning how important it was not to get “pigeonholed” and it sounded like she wanted to make sure people understood how viable a business it is. The pitch opened with a bang, too: she showed some slides that had starving children on it and asked the audience, “is this the africa you think you know? well, let me show you the africa I know and love and work in” and showed a picture of happy kids looking at a feature phone. She said something like, “Africa is not the sob story fed to you by the American media” and something about potential customers.

Fascinating. They were easily my favorite company that pitched, partly because the “use tones from the feature phone to communicate between unit and server” blew my mind so much. But there’s much more for me to learn about doing business in third-world countries with a social good plus capitalism bent and the language to use.

Suffix Tree Dreams

One day, I will understand suffix trees, and I will implement them in Ruby and find the longest repeated substring in Hamlet and run benchmarks. Then after that, I’ll, uh, write it for Ruby in C, which I only know a tiny bit about because of posts like this one about heap memory and ruby strings. DREAM BIG LOL

For now, all I see is this gem called rubytree, which I haven’t even tried yet, but it appears to have a general node-based tree and a binary tree.

I care because we did this (find the longest repeated substring) as a contest in cs170 in 2003 and sometimes Peterson and I still talk about it even though it was nearly a decade ago. I came in 43rd out of 113 then. I really, really wish I just copied my code into my livejournal back then, because I would have loved to see it now. I used to do stuff. I wonder if I have a backup buried somewhere on an old hard drive.

One day. In that marknelson.us article, I get the parts about the suffix trie, but the parts about the suffix tree are too much for me to masticate.

In other news, I am reading JavaScript: The Good Parts on Jen-Mei‘s recommendation, and dreaming about going to Fluent (o’reilly javascript conference) in May.

JavaScript: The Good Parts has a butterfly on its cover. I wonder what language Nabokov would program in. What is the most extravagant, versatile, expressive language? Also, what languages are like Russian, then what languages are like English? Maybe English is like JavaScript… cobbled together from a bunch of influences.

Also, 5:50AM WHYYYYY

PhoneGap + Wikipedia meetup (1/23)

I went to the PhoneGap + Wikipedia event at Adobe immediately after the Wikipedia hackathon. I heard about it that Monday in the irc room O_O and thought initially that I couldn’t go, because I usually have Spot the Octopus rehearsal on Mondays… but that week, some Spots were sick and others out of town, so I decided to attend the meetup instead. And I’m glad I did — we got more info directly from Tomasz and Yuvi about why we should care about a Wikipedia phone app, why they’re using PhoneGap plus what they learned, and next steps. MOST interesting: how they’re encouraging editors to edit by using location and presenting them with “articles around you that need improvement”!!!!!

Here are official links to slides (via @WikipediaMobile) and video (via @stevesgill). =D

I was also super-excited that someone asked a question about easily surfacing the content of a page. She was interested in making the content more accessible, because people today are overwhelmed by all these tags and information. Tomasz even got a microphone over to me so I could say how Neil and I did it in our app (we used parse, not query, and regexed out all the html tags, and Neil thought of taking out everything in tables to skip the infobox! haha. It’s a bit hacky still.) And when I sat down, my phone vibrated, and there was a tweet from Words With Bears teammate Jen saying that she’d seen me on the livestream… haha!

Then I talked to Hearplanet, which is providing text-to-speech MP3s of places of local interest for tourists/city explorers. They’re using Wikipedia as one of their channels of information. Fascinating.

My notes from Tomasz’s and Yuvipanda’s talks are below / through the jump!

Continue reading PhoneGap + Wikipedia meetup (1/23)

Wikipedia SF Hackathon! BERLIN HO!!!

I went to the Wikipedia SF Hackathon this weekend at Parisoma! Neil and I coded a phone gateway for the English Wikipedia on Twilio. You send it a text with your search query (like “Barak Obama” or “Seattle”) and it calls you back in a few seconds and reads you the entire text of the article. =D

CODE: https://github.com/judytuna/SMS-Wikipedia — it calls the Twilio API, in Ruby, using Sinatra, hosted on Heroku. I wouldn’t have been able to do any of this if Twilio (the amazing Sasha is the best developer evangelist ever), Ruby (sfruby.info like woah), and Heroku (who sponsored one of my early wwcode-rails meetups, and also sponsors Blazing Cloud sponsorships!) didn’t have the community presence that they do. Seriously, I can’t believe I get to live in San Francisco where all of this is happening RIGHT NOW. Look at this technology! Look at what it’s enabling us to do!

Romy wrote super-comprehensive notes on our product and process and drew pictures here: http://www.mediawiki.org/wiki/San_Francisco_Hackathon_January_2012/Teams#Wikipedia_SMS_.2B_IVR_on_Twilio

On Thursday, I had gotten an email urging us to check out the project ideas, and came up with the SMS gateway idea and added it to the project page.

Why did I want to do this so badly?

  • I didn’t have a smartphone until December and always wished I could look stuff up on Wikipedia when I wasn’t near a computer.
  • When we get phone tree stuff working, this could be used by illiterate or blind people.
  • In areas where access to tech is low but phones (not smartphones) are ubiquitous, this could be a way for people to look stuff up on wikipedia. This is mind-blowing.

It was an amazing experience and I learned so much from Neil and our team won first place!!!!!! The prize: flight and hotel to another wikimedia hackathon. The next one will be in Berlin in May!!!!!!!!!!!!! I’ve never been to Berlin! I’ve been to Europe once–London and York, with my high school choir, in 2000.

We have lots of ideas for the next steps of this app. I am considering setting up a kickstarter (as long as it’s okay with the wikimedia foundation??) to pay twilio for the app (actually I have no idea about this…)… It’s still in the “twilio sandbox” for now so I can’t show it to you yet (because your number has to be a “verified number” for MY twilio account in order for it to call you back I think). But I’m about to put my credit card info in so I’ll be able to show it off to the world soon.

The app definitely works =)

At the Hackathon, I REALLY enjoyed the PhoneGap demo. Tomasz and Yuvi showed us the Wikipedia app that they just pushed to the Android store last week, and guided us through adding a menu item. js! css! wow!!! I think the tutorial that they used would be ideal for a Railsbridge-style workshop (it starts with “how to get stuff installed” and it was surprisingly fast and easy).

So PhoneGapBridge is incoming. I’ll plan it 2 weeks off of a Railsbridge. =D

I’m learning so much. I met so many amazing, amazing people. I got interviewed by Wikimedia Foundation Storyteller Victor–how cool is his job title? I got my picture taken with leaves. I told him that I had serious class issues and loved online communities and want everyone to have access to information and nothing scares me more than loss of free speech and was generally completely incoherent but I kept banging on my knees the whole time because of HOW EXCITED I AM.

Judy with Leaves
I am a dork

I wondered where I’d seen Toki Wartooth Brandon and then realized this morning that it was the fundraising banners! I basically couldn’t believe I was there all weekend. They’re right here in San Francisco!

I told everybody who would listen about Lukas and Elsa’s Occupedia, which is an initiative to create meetups that encourage underrepresented groups to contribute to wikipedia. Lukas wrote about the first event and I showed everybody haha.

I fucking love wikipedia. I love the wikimedia foundation. I want more. I was talking to Daniel from Germany, who said “I want to see a separate mobile app for a different set of users — the ones that spend a lot of their idle time patrolling new edits. There should be an app that lets them to it easily at the bus stop.” PHONEGAP HOOOOOOOOO

Sumanah was amazing and kept things going and was crazy and enthusiastic and welcoming. I met Leslie, a network engineer, who knew someone else that I knew from Railsbridge. I talked to Danielle (women in tech!), Elizabeth (Android!), and Rosemarie (who I’d met at wwcode-rails!). Phil asked me how I was going to pay Twilio for it D: I learned about Microsoft’s bridges with open source from Ben and Doug and it was fascinating and I tried asking them about openkinect/k4w, but their department doesn’t interface with xbox stuff =) I met Rupa of CodeChix and there are machinations afoot.

AAHHHHHHH!!!!!!!!!!!!! I AM SO EXCITED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Last-minute homework

I’m taking ai-class.com with 130,000 people on the internet. 80,000 were active in a 24-hour period over the weekend. Homework 1 is due in about 4 hours (4:59pm on Sunday Oct. 16 in my time zone), so naturally, I’m doing the homework now.

Here I am, chugging along through the videos, when they stop loading. I reload the page and get this: “We’ve had an absolutely massive surge of last-minute homework submissions.

We’re going to be back online soon. The deadline has been pushed back by 24 hours to 23:59 UTC on the 17th.”

hahaha

Getting started with Rails – what I’ve done so far

Five days ago, I restarted the hartl Rails tutorial book so that I could do it in Rails 3.0.9. These are my notes: I took them so that when I try to make my next project, I can find information more quickly! They grew much bigger than I meant. Doesn’t wordpress have a “read more –>” button? Follow the jump for the braindump! =D

Continue reading Getting started with Rails – what I’ve done so far

help me understand salt

“salt” makes a rainbow attack computationally unfeasible (reference). You take a plaintext password, give it some salt (usually a timestamp, so no one else will have the same salt as you), then take the password and the salt together and put them through your encryption method, and then put the encrypted pw in your database. Then to be able to use the password later, you have to store the salt along with the encrypted password (so that you can take the password the user gave you and mash it with the old salt and see if you get the same encrypted_password that is in your database). So I was confused… since the [encrypted] salt AND the encrypted password are in your available, if an attacker has access to your encrypted password (from your database), then ey also has access to the associated salt. So can’t the attacker take the salt, mash it in with their rainbow table, and then eventually (after a long ass time) potentially get a match with the encrypted string (to get the plaintext password)? I didn’t really understand salt for that reason.

Wikipedia says: A simple dictionary attack is still very possible, although much slower since it cannot be precomputed.

So that means that I was right about an attacker making a rainbow table with the salt, but it would take forever and ever and ever and a lot of space and would only work after you had your hands on the salt already. And every salt is different. Hence they say it is “computationally unfeasible” instead of saying it is “IMPOSSIBLE”. Cuz like if my salt sucked (or if my salt was great but we also had faster-than-light travel and human teleportation and all the space and computing power in Hermione’s magical purse) then ey could just pre-generate a bunch of tables of all the possible salts with all the possible plaintext passwords and stuff. Is this correct?

Here’s what I’m talking about, pulled directly from my rails tutorial book:


def encrypt_password
self.salt = make_salt if new_record?
self.encrypted_password = encrypt(password)
end

def encrypt(string)
secure_hash("#{salt}--#{string}")
end

def make_salt
secure_hash("#{Time.now.utc}--#{password}")
end

def secure_hash(string)
Digest::SHA2.hexdigest(string)
end

Hash it once, hash it twice, [something] makes the [something] taste nice. Isn’t there a children’s song that goes like that?

But I’m still confused. Let’s say I’m a hacker and I got this database. I make a rainbow table for all the possible salts and find the Time.now.utc that made the salt. Then I make another rainbow table where the entries are all of the format “[the salt I figured out]–[all possible strings for a plaintext password lol this would still take forever]” until I get one that matches the encrypted password. Right? I mean I understand that this makes it more secure than without salt, because you can’t precompute it, and it would take forever, but what if like the president was a member of this website and I wanted to hack into eir account, and I was willing to make multiple rainbow tables (and wait forever) to make it happen? Then I could get the password for that one account, right?!

So if all that is correct, then the reason we use salt is that… people would only make rainbow tables if there was the hope of getting a lot of users’ info (to make it worth it), because it’s just not worth it to to it for 1 person (which you would have to do if the passwords were salted) (but if you really REALLY REALLY wanted to for 1 person, you still could). Right? D:

Also pepper is better anyway.

(xposted at g+)