rc3.org

Strong opinions, weakly held

Month: February 2012 (page 1 of 2)

Any Web site with a US TLD is now in US jurisdiction

EasyDNS has a chilling post on VeriSign taking down a Canadian Web site in order to service a warrant from the state of Maryland:

We all know that with some US-based Registrars (cough Godaddy cough), all it takes is a badge out of a box of crackerjacks and you have the authority to fax in a takedown request which has a good shot at being honoured. We also know that with some non-US registrars, it takes a lot more “due process-iness” to get a domain taken down.

But now, none of that matters, because in this case the State of Maryland simply issued a warrant to .com operator Verisign, (who is headquartered in California) who then duly updated the rootzone for .com with two new NS records for bodog.com which now redirect the domain to the takedown page.

The implications are chilling. So now if you use a TLD that is under the control of a US company, your Web site is in US jurisdiction.

How to make software fast

In an email explaining how he optimized GNU Grep for speed, Mike Haertel discloses the secret of high performance software:

The key to making programs fast is to make them do practically nothing.

How do you run SSH from a PHP script?

I’m writing a very simple deployment script that logs into a remote server and uses Git to pull the latest code from the remote repository. The deployment application runs on Server A, and it will update code on Server B and Server C.

The deployment application is written in PHP, and it’s easy enough to call the ssh command using PHP’s shell_exec() function. Well, calling SSH is easy, but making it work is a bit more difficult.

SSH really wants to run as a user who has a .ssh directory in their home directory. First, it needs to find the private key in order to authenticate against the remote server. You can get around that using the -i flag and pointing at a specific key file. You also need to either tell SSH that you don’t care about the host key (the host key check is what prevents you from being victimized by man-in-the-middle attacks) or point it to your known_hosts file. You can specify a custom location for that file using the -o option, like this:

-o UserKnownHostsFile=keys/known_hosts

Even after that, though, SSH still insists on using a .ssh directory for the user running the command, in this case, the Apache user. Creating such a folder doesn’t seem like it should be necessary, but I haven’t been able to figure out how to avoid it.

If I can’t get this to work, I could try using the SSH2 library for PHP, but I’d prefer not to, since I don’t want to deal with the added dependency.

I’ve posted this question on Stack Overflow as well.
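The options discussed above, put together as an added example (not the deployment script from this post): it builds the ssh command with an explicit key and known_hosts file, keeps host key checking on, and escapes every argument before it reaches the shell. The host, user, paths and function names are constructed placeholders, and exec() stands in for shell_exec() so the exit status is available.

```php
<?php
// Added example. Host, user and file paths are constructed placeholders.

function build_ssh_command(string $user, string $host, string $keyFile,
                           string $knownHosts, string $remoteCmd): string
{
    // Refuse values that ssh could parse as an option (e.g. a leading "-").
    if (!preg_match('/\A[a-z_][a-z0-9_-]*\z/i', $user) ||
        !preg_match('/\A[a-z0-9][a-z0-9.-]*\z/i', $host)) {
        throw new InvalidArgumentException('unexpected user or host value');
    }
    $options = [
        'BatchMode=yes',              // fail instead of prompting inside a web request
        'IdentitiesOnly=yes',         // offer only the key named with -i
        'StrictHostKeyChecking=yes',  // reject unknown or changed host keys
        'UserKnownHostsFile=' . $knownHosts,
    ];
    // -F /dev/null: ignore ~/.ssh/config and the system-wide ssh_config.
    $parts = ['ssh', '-F', '/dev/null', '-i', escapeshellarg($keyFile)];
    foreach ($options as $option) {
        $parts[] = '-o ' . escapeshellarg($option);
    }
    $parts[] = escapeshellarg($user . '@' . $host);
    $parts[] = escapeshellarg($remoteCmd);   // one argument, run by the remote shell
    return implode(' ', $parts);
}

// Run the command and return [exit status, output lines]; exec() is used
// because shell_exec() does not report the exit status.
function run_ssh(string $command): array
{
    exec($command . ' 2>&1', $output, $status);
    return [$status, $output];
}

$command = build_ssh_command(
    'deploy', 'server-b.example.com',
    '/var/www/deploy/keys/id_deploy',
    '/var/www/deploy/keys/known_hosts',
    'cd /var/www/app && git pull'
);
echo $command, PHP_EOL;
// [$status, $output] = run_ssh($command);   // status 255 means ssh itself failed
```

With StrictHostKeyChecking=yes, ssh never adds host keys on its own, so the known_hosts file has to contain the remote servers' keys before the first run.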

An economic philosophy for the modern leftist

Don’t miss Dylan Matthews’ piece on Modern Monetary Theory, which argues that deficit spending is essential to economic growth. Here’s the crux of the philosophy:

This claim, that money is a “creature of the state,” is central to the theory. In a “fiat money” system like the one in place in the United States, all money is ultimately created by the government, which prints it and puts it into circulation. Consequently, the thinking goes, the government can never run out of money. It can always make more.

This doesn’t mean that taxes are unnecessary. Taxes, in fact, are key to making the whole system work. The need to pay taxes compels people to use the currency printed by the government. Taxes are also sometimes necessary to prevent the economy from overheating. If consumer demand outpaces the supply of available goods, prices will jump, resulting in inflation (where prices rise even as buying power falls). In this case, taxes can tamp down spending and keep prices low.

But if the theory is correct, there is no reason the amount of money the government takes in needs to match up with the amount it spends. Indeed, its followers call for massive tax cuts and deficit spending during recessions.

Fighting our recession with austerity measures is failing horribly and yet favoring austerity is widely perceived as the serious-minded approach to our current economic woes. Modern Monetary Theory provides a framework for thinking about fiscal policy in a different way and shifts the Overton window away from austerity.

Piracy is about user experience, revisited

Last month, I wrote a post arguing that people illegally download content because it’s convenient, not just because it’s free. Along comes The Oatmeal to make the point in cartoon form. We should all cast a dubious eye on businesses that want to generate scarcity where it doesn’t really exist.

The most interesting feature in OS X Mountain Lion

Panic Software has a long post explaining code signing and Apple’s new Gatekeeper feature in OS X Mountain Lion. Gatekeeper provides a way for developers to digitally sign their applications, verifying their origin, and for those signatures to be revoked so that the applications cannot run any longer if they are shown to be compromised by malware. Users can decide for themselves whether they want to let their Mac run any application or only applications which have been signed. (Or only applications from the App Store, although I think you’d have to be crazy to do that.) What I find particularly interesting about this is that Apple had decided last year to implement much more draconian rules that would essentially force developers into the App Store by making that the only way that developers could distribute signed applications. Wil Shipley beseeched Apple to take another course and allow developers to sign apps themselves. Here’s the recommendation he made last November:

My suggestion is for Apple to provide certificates directly to developers and allow the developers to sign their own code. And, by doing this, Apple can then reasonably say, “Ok, now we’re going to, by default, not allow the user to run any code whose certificate wasn’t issued by us and signed by a real third-party developer (except the stuff the user checks in the control panel).”

Apple then has the power, if any app is found to be malware, to shut it down remotely, immediately. This is a power Apple doesn’t have now over malware, and that won’t come from more sandboxing or more code audits. I have shown the only way to achieve it is to require developers to sign their code with a certificate from Apple.

At the time, I read the post, linked to it, and thought that it made too much sense for Apple to do it. I was pleasantly surprised to see Apple take that advice.

Update: Nelson Minar reminds us that features like Gatekeeper require users to put a lot of trust in the gatekeeper. I think one reason people are happy about Gatekeeper is that it’s such a retreat from Apple’s previous untenable position.

Daniel Jalkut’s post on Gatekeeper is also worth reading. Gatekeeper is important because it’s a step back from Apple’s previous decision to essentially force developers to distribute their apps via the App Store. That was problematic because App Store apps will be required to operate within a very limited Sandbox. Daniel Jalkut argues that the next step Apple should take is to greatly increase the rights granted to apps in the Sandbox. Even though Apple has climbed back from its stance that would force developers into the App Store (and Sandbox), it is still making some new features of the OS available only to apps that are distributed through the App Store, so it’s important that the Sandbox be flexible enough to satisfy as many independent developers as possible.

How societies save for the future

Matthew Yglesias on how societies stock up for the future:

A lot of the stuff we make has a pretty short shelf-life. Computer software gets obsolete super fast. Clothing wears out. Food spoils (even Twinkies). Durable goods like cars last longer. Airplanes last even longer. But the real durability is in structures. Houses, office buildings, bridges, tunnels, factories, train tracks. As a society, we save for the future by channeling resources—steel, electricity, human labor power—into the production of things that last a long time rather than things that are more perishable.

This is a point the federal government does not seem to really understand.

I would take issue with his point about software, though. Yes, most software does not last very long, but as we build software, we also build a corpus of knowledge about how to build software more efficiently, and to create more powerful computers to run that software. I would argue that the software industry has created massive social value over the course of its existence.

Should apps have access to your phone’s address book?

The big online privacy scandal of the past couple of weeks has been the discovery that the social networking app Path uploads your entire iPhone address book to its servers without asking for your permission. People were not only surprised that Path does this, but also that Apple lets them do it. Shortly after this was discovered, we learned that lots of other companies upload your address book as well. The Verge has a rundown of which applications access your address book and whether they ask for permission first.

The discussion I’m interested in is what access applications should have to your address book. One possibility would be for Apple to put the same warning on address book access that they put on use of location services, but as Chris Dixon points out, the more often you ask users for permission, the less attention they pay. I don’t like that solution.

Another option is to simply block access to the address book for apps entirely. I would not be opposed to this approach. Yes, social networking apps desperately want to hook you in by making sure you’re connected to your friends, and they want you to invite your friends to the service to grow their user base. What value do users get out of it, though? Automatically connecting to your friends is a small benefit, and in many cases there are other ways to determine who you’re friends with without pillaging your address book. Apple should strongly consider just blocking address book access entirely.

Short of that, the policy solution is to allow access only to applications once a user has acted to grant access for that application without being prompted directly. So, for example, applications that ask users to upload everything in their address book as soon as they sign up would not be allowed, but applications that have a “Search for contacts in my address book” button would be allowed. Whether Apple could enforce that policy is another matter. As a matter of policy, though, applications should not try to access your address book unless you try to use a feature that requires it.

Update: And I managed to get this post in right before Apple announced a policy change that will require explicit permission before an application can access the address book.

Our moral complicity in China’s working conditions

Lately, working conditions in Chinese factories that produce consumer electronics that we all use and love have gotten a lot of press. Mike Daisey has been touring and presenting a one man show, The Agony and Ecstasy of Steve Jobs, on this subject. Portions of it were recently aired on This American Life. Perhaps not coincidentally, the New York Times published an exposé on Foxconn last month that looked into the poor pay, unlawfully long hours, and dangerous work conditions at the company’s factories.

I’ve been following the subsequent debate. Tech pundit and Apple fan David Pogue responds with what is largely a straw-man filled argument about the price of electronics doubling and the fact that all companies use these factories, not just Apple. Mike Daisey responds ably.

I want to talk about two aspects of it, though. One is the scope of the problem, and the other is the fairness of singling Apple out. As the article points out, Apple is not the only electronics company that manufactures its products in China. Almost everyone does. And of course, we’re only talking about electronics manufacturers. What are working conditions like at Chinese tire factories? Or toy factories? Or the factories where they make buttons for shirts? The story is the same across industry in China, if not worse.

Everybody is in some ways a beneficiary of the low prices that come with China’s low wages and poor working conditions — there’s no room for sanctimony.

On the other hand, I think it’s fair and useful to single out Apple, for several reasons. The first is that it’s easier to rally action against a single company than it is against every company that imports goods from China, or even everyone in the electronics industry. Apple happens to be the highest profile target available right now, for all of the same reasons that the iPhone and iPad are so popular.

The pressure is working. Apple CEO Tim Cook sent an internal email about working conditions to Apple employees the day after the New York Times article talking about steps the company was taking to make things better. It has worked in the past as well. A few years ago, Greenpeace succeeded in getting Apple to improve its environmental practices by singling the company out as well.

Secondly, Apple just reported the best quarter in the history of the technology industry. If any company has the breathing room to spend money to bring all of the links in its supply chain into compliance with the relevant labor law without raising its prices at all, it is Apple. As has been pointed out, the factories that manufacture Apple products manufacture products for other companies as well. If they are required to improve their practices for Apple, then they will most likely have to improve them across the board. So targeting the biggest fish makes sense from that perspective as well.

Is it fair to target Apple alone? If Apple is benefitting in terms of cost through the illegal practices of its suppliers (as Mike Daisey points out, the suppliers are not even complying with Chinese labor laws), then it is perfectly fair to call them out for it, regardless of what every other company is doing. Beyond that, it’s a question of strategy. Would it be fair to boycott Apple and encourage people to buy Samsung phones instead? No, nor would it be sensible. But it makes sense to target your activism where it will have the most impact.

Ultimately, as explained in the National Geographic article I linked to above, labor conditions in China are the result of systemic problems that we cannot address directly. China has a surplus of labor, a weak regulatory regime, and a highly corruptible government system in charge of maintaining that regime. China also lacks the institutions that could counterbalance the conditions that work against laborers. Workers are unable to organize and negotiate with their employers, and are unable to change the state of things via the ballot box.

The reason I keep returning to this subject is that it pricks my conscience. Disentangling oneself from abusive labor practices in China is impossible, but I do think it is the responsibility of consumers to be informed about the origin of the products that we consume. I wasn’t going to post this article because that sounded like such a weak prescription, but it turns out that it’s working. Apple is changing its behavior, and I’m sure that other companies will follow suit. “Pay more attention” doesn’t sound like much, but it has the potential to be quite effective.

Update: This post about McDonald’s requiring pork suppliers to stop using gestation crates illustrates why it makes sense for consumer activists to focus on big game. An earlier policy change by McDonald’s changed practices across the entire poultry industry.

Old school patent troll Eolas loses a jury trial

Eolas has been tormenting browser makers for over a decade with patents they claim cover browser plug-ins, but last week a jury in Tyler, Texas invalidated their patents after defendants presented compelling prior art. In other words, it took years of litigation and massive legal expenses to do something that patent examiners could easily have taken care of with a Google search. Wikipedia has a useful history of Eolas, including Microsoft’s embarrassing “click to activate” change to Internet Explorer to try to get around Eolas’ patent.
