Met Runar, Discussed Software

I met with Runar (he’ll have a blog soon, I swear) today, and we discussed open source, Python, and all related goodness over coffee and vegetarian lunch free-riding on the ‘sNice wireless network.

We spent about 3 hours there, just talking about Runar’s project, “sqlstring”, my ideas about inferred typing and static source code analysis in Python, Python’s niceness in general, user interface toolkits, AJAX being a big, nasty hack, and web application frameworks in Java and Python. Our discussion really degrenerated into praise of vim once we discovered that we were both happy users. Text editors really bring people together.

Runar kind of convinced me that trying to infer all the types of objects is very “unpythonic,” which I guess is true since it discourages the crazy stuff you can do with Python. Maybe the best thing to do is judiciously eval code, as was my original impulse for getting nice completion out of Python? Not sure.

Or maybe I should just give up the idea and accept the fact that vim plus ipython is just about as good as it gets. That seems like a cop-out, though.

Regardless, Runar seemed somewhat willing (only half-willing) perhaps to give a small talk for Free Coders on Python, I’ll see if I can convince him that it’ll be fun. I suppose I could give the talk myself, but I already do all the talkin’.

Fog of War: A Truly Thoughtful Movie

I only just tonight got to watch Fog of War, a documentary which interviews Robert S. McNamara and draws from his past experiences lessons about the nature of foreign policy and wars.

One of the most thoughtful and thought-provoking movies I’ve seen about a person who advised presidents who had the power to wipe out entire countries with a single military order, and who years later realized that nuclear warfare and human fallibility can only mean something horrible for this society of ours.

You must see this movie; after you do, you’ll also see why I’m not so quick to buy the line about the necessity of Hiroshima/Nagasaki.

User interfaces with GTK+ and Glade

I’ve been hacking up a user interface for my motion capture/computer vision project called “Hand2Hand,” found here.

At first I was gonna do the user interface in Python and have the image processing done in C, but then I decided that the user interface was simple enough that I should just give GTK+ in “pure C” form a try. Of course, I used Glade, which drastically reduces the amount of annoying code for things like Vboxes and Hboxes and Containers you have to write. In fact, using Glade, interface design becomes somewhat straightforward in C. Which is weird, because C seems like it was never built for user interface design, but the g_signal system makes it easy to catch events that occur in your program, and GTK+ is high enough abstracted that you can do pretty well. I don’t know how well GTK+ scales for large programs (i.e. many dialogs, many lists, etc.)–in that case, I think I’d definitely pick a higher level language.

Looking forward to how this application may turn out. OpenCV looks like a pretty awesome library.

Annotated and Hyperlinked Notes on Professor Dewar’s talk on Software Copyrights, Patents and Free Software

Below are a few notes I took at Professor Dewar’s talk the day before yesterday. I also annotated them a bit with relevant hyperlinks.

When I find a copy of Dewar’s slides posted online, I’ll link to those as well.

  • Libertarian thought: property rights are central. If you regard ideas as property, Ayn Rand’s position isn’t surprising.
  • Jefferson: private letter to Isaac McPherson 1813. “He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me.”
  • Jefferson faction won on this issue, Intellectual Property Clause.
  • Copyright extension case, now life + 90 years.
  • England: history of copyright, fundamental moral right?
  • Software: special case of copyright infringement and trade secret violation simultaneously!
  • Computer Associates vs. Altai (source vs. object code copyrights, interesting read here).
  • Borland copying a macro language (interesting, if old, article by an MIT student), Supreme Court.
  • Derived works: fair use provisions. But fair use goes to juries, and it’s very vague.
  • Software will never fall into public domain, due to perpetual derived works.
  • Patent an invention, but not an idea, but in practice you can patent either. Europe turned down this law.
  • “Obvious” patents. Juries can’t really judge how obvious they are.
  • You can copyright a non-obvious combination of obvious ideas. Intermittent wind shield wipers.
  • Does a program express inventions and ideas? Is software is distinct from physical stuff?
  • Big risk for free software–patents can ask for damages. And patent is secret until it’s granted (this may not be true, I can’t really tell for sure: “To protect your privacy, we suggest that you delete such information from any documentation you send the office. Alternatively, you may request that the submissions be kept out of the public file, if appropriate. (See MPEP Sections 724. 02 to 724.06.) Please remember that all patent application files are published and made available to the public 18 months from the filing date, unless a non-publication request is made in the application. Additionally, all patented application files will become available to the public upon the grant of the patent.”).
  • Open Source business model can work–selling support and services, while keeping code GPLed.

George Carlin goes morbid

George Carlin’s last comedy routine was a little disappointing. He has become horribly bitter and depressed. He had a couple of good lines in it:

On feminism, “hey ladies, men are about 4 times more likely to commit suicide than women are. So, if you want that whole equality thing, you better start killing yourselves in large numbers.”

On necrophelia, “the great thing about necrophelia is that you don’t have to bring her the flowers. They’re usually already there.”

But he also had a 20-minute-long tirade about a 24-hour “suicide” network that was really difficult to watch due to its being more depressing than funny. And he used the phrase, “this depraved, twisted culture of ours” a bit too much. It is depraved and twisted, but after awhile you get the point.

I like his old stuff so much that I have to just let this “slide.” Like when he opened the show I saw in Burlington with:

“You ever notice that women who are against abortion are women you’d never want to fuck in the first place?”

and later on,

“Ah, women. Y’know, I never had a ’10’. But I once had five ‘2”s.”

He is a comic genius. But it’s hard to last as long as he has.

Outfoxed and trust networks, revisted

I think everyone should revisit Outfoxed, if you’re interested in a truly interesting new approach to bookmarking and web browsing that actually takes advantage of all this “Web 2.0” hype and nonsense.

I just mentioned this to Free Coders on the mailing list yesterday.

The application of “trust-based networks” is very wide. I think it’s the “trust” factor that makes eBay successful (perhaps even viable!). New services like Pandora and Last.fm recommend music by trusting that users who rate music are being honest. eBay users buy from trusted sellers by assuming that those who rate the sellers are honest. These assumptions may be fallible, but they’re better than nothing. And it’s only natural that this trend would spread to web browsing.

I think trust networks should be applied to political organizing, both to reduce risk of people showing up just to start trouble, and also to enhance the perceived value of a meeting based on the combined trust of its attendees. I’m going to think about this a bit more in the next few days.

(Meanwhile, I got in touch with Runar from the Google talk with Alex Martelli, who is working on an awesome library for Python called sqlstring. Check it out. I’ve also been thinking about expanding on my earlier ideas on Python inferred types; we’ll see if I find the time.)

Found out how I got hacked originally

I run a tool on my server which creates charts based on basic server vitals, like free disk space and CPU load averages.

It’s called cacti, and it’s great.

Except, apparently this security hole allowed the hacker who originally broke into my server to get in. He was able to execute arbitrary commands via the good old URL string hack. (He did the same thing as is described in there: wget’ed his own script which added a new user for himself and added him to sudoers, and then connected via ssh).

In my latest upgrades, I saw that this cacti bug’s been fixed.

Scary stuff. Computer security, these days. How does a php script have code which can run an arbitrary command? My Java Servlets never have a way to run command line apps by way of specific arguments in the URL string. Sigh. In *nix we may have [basically] all-or-nothing security (that is, if you discount ACL support)–but knowing this, please prefer “nothing” to “all”, for crying out loud!

Corporate obligation to shareholders

Here are some interesting viewpoints on corporate obligation to shareholders. One comes from Jeff Darcy and the other two from Mark R. Kleiman.

Before reading this, you should introduce yourself to the nice debate going on in the blogosphere right now on corporate responsibility, sparked by this post.

Here is Jeff’s response.

His [Mark’s] approach is reductio ad absurdum, but I think there’s an even more important flaw in Friedman’s reasoning. This flaw is the all too common assumption that “money is everything” and therefore any value not represented in monetary form is irrelevant. In this case, this leads to believing that people invest only based on (direct, short-term) monetary return, but that’s simply not true. When people buy stock, they do so based on a certain assumptions. They assume that certain legal and moral restrictions are applicable to what the company does, and they invest based on that assumption. This is particularly true of “green” or socially-conscious investors, who might be making decisions based as much on a company’s image or reputation for ethical behavior as on their purely financial performance. In a sense one might say that such investors have monetized their morals by making such investments, but that doesn’t mean they’ve given up those morals forever in return for profit. Presenting such an image and then acting in a wholly different manner is a form of fraud, and unconscionable. The same principle applies to every company and investor, though usually to a lesser degree. If the moral justification for what companies do is fulfillment of shareholder expectations, then expectations other than profit must be considered.

There’s an even more fundamental problem that shareholders do not adequately represent the interests of all who are affected by a company’s actions, and that those others deserve consideration too, but that’s probably best left for a future article.

I think what Jeff has to realize, however, is that the issue here is the morality of proximity. People feel moral obligations to things that are close to them, either physically or sentimentally. I feel moral obligations to homeless people I see on the street in front of me, but don’t feel as much of an obligation toward, say, sweatshop workers in Malaysia who are abused by their managers. Despite any of my moral principles, despite what I think and know to be right, I still end up buying clothes and things made by those sweatshop laborers, or I continue to buy products whose production destroys the environment.

Even if I had all the information in the world, say I knew Gap abuses its workers, and so I knew if I bought a Gap shirt I would be supporting a business that abuses workers. But then things get complicated. The shirt is already made. The abuse was already done. My buying the shirt doesn’t actually abuse workers. I am just buying a shirt. I need a shirt, its price is right, I’m buying it.

We can’t expect ethical principles to just come to us by people boycotting industries that subvert them. Imagine if the abolitionists, rather than forming a political party and trying to get slavery outlawed, simply said, “We will convince everyone not to invest in these companies, and to not buy these goods.” Do you think this kind of boycott would have really succeeded? Do you think without the understanding of basic human moral principles that went along with the abolitionist movement, we would have advanced past that dark part of our history?

Slavery exists today. People are indentured servants in other countries, working for outposts of American companies. I agree with both posters that laws cannot be made for every moral principle. But no one has mentioned that we aren’t asking for laws for every moral principle. We’re asking for laws for all the most basic ones that relate to labor, the environment, etc., such as not being abused in the workplace, and not polluting our precious ecosystems.

As a shareholder, I continue to invest in companies who may be doing morally bad things far away from me. Shareholders didn’t cash in their morality, they just don’t know the bad things companies are doing, or, if they do know, they are being done so far away that they simply don’t care.

If it were a company that abused American sweatshop labor, and polluted rivers in small-town USA, then [most] people probably wouldn’t want to support that company with their wallet. But when the labor is in Malaysia and the polluted rivers are in China, we do it because we simply don’t care about those other places as much.

An interesting piece of philosophy was written on this topic by Peter Unger. It’s entitled, “Living High and Letting Die.” Try to find it at your local library.

Mark also posted a response to the debate.

What the Friedman argument is missing, it seems to me, is a realistic idea of what shareholders want with regard to how their companies do their own business, and all sorts of good behavioral evidence shows that to be a lot more complicated than maximal money returns. Friedman is right that corporate leadership is obligated to advance the interests of shareholders, but it is also obligated to discern these interests and discover–I expect–that shareholders want to trade some possible returns for a clear conscience about environmental responsibility, decent treatment of workers, honesty in trade, and the like.

Yes, they would probably trade some of their returns for a clear conscious. But how about we get to the heart of the matter: shouldn’t American companies be held responsible for immoral actions they do outside of the United States? Don’t we need to come to a global understanding of the rights of workers to healthful working conditions, to a work/life balance, to less abuse? Don’t we have to come to a global understanding that harm done to the ecosystem in China does affect all of us, and shouldn’t we try to do something to stop these companies from ruining our Earth?

Shareholders are just in to make a buck off their investment. They’d prefer it be done in a way that leaves their conscious clear, sure. But we can’t expect shareholders to save the day when it comes to enforcing our society’s (that is, this one, global society’s) minimal moral standards. We need to use our power as a democracy to control these authoritarian structures, even as they hop around the globe trying to avoid any confrontation by going to places with the least restrictive set of laws.