Blog

Keys all over again

I just updated my GnuPG encryption by generating a new key-pair from scratch. Contrary to the last time I took care in keeping my main key private and explicitly using subkeys to be used for signing and decrypting. Even though a common practice has been established, it is quite a challenge to understand the different options and the way in which different configurations might be better or worse. I took some advice by looking at the GNU Privacy Handbook, a recent post by Stephen Josefsson, A Riseup article on best practices, a list of instructions on strictly working with a live OS, and an outdated manual for keysigning parties. Strictly signing offline feels like a hassle, but I’m sure I will get by.

One of the intended improvements I wasn’t able to work out, was using different passwords for my subkeys. I found an email on the GnuPG user mailinglist, but these instructions didn’t make it happen. This therefore remains to be worked out. The article of Stephen Josefsson also triggered some thoughts on more advanced configurations, by using a picture and refraining from using 64-bit based key-sizes. So there are still some ways of improving the quality of the configuration, although at the very least this change was a step in the right direction.

Open furniture

During the last decades a slight change has occurred in the field of furniture, with the rise of modular furniture. Modular furniture has great benefits, since it can often be rearranged to fit changing needs, allowing people to hold on to their furniture much longer. Examples of such systems are Ikea Pax and Besta, Lundia, and my personal favorite Vitsœ. I do however believe that the current situation is somewhat unfortunate, since the different interfaces result in a system lock-in which limits the available components and the flexibility of the system. This therefore leaves room for improvement, giving rise to my idea.

By getting the implicit interfaces of furniture and the compatibility of the various components documented in a wiki-format, people might make a more conscious decision for a particular system which would contribute to the overall time of use. I imagine this covering for instance the panel sizes, the measurements between the various screw-holes and the similarity between systems. Furthermore I’m hoping that such information will assist companies and individuals to create additional furniture components that are compatible with existing systems in order to aid consumers in utilizing their system. It might even give rise to converters that will bridge the gap between systems. Exemplary for working with existing standards are the 3D-printable universal construction kit adapters.

Bridging the smart grid gap

In the industry and academics around power systems there is a lot of buzz around the smart grid. As the matter of fact, the smart grid has become the norm on which to base predictions and proposals. And despite all the marketing buzz, it is truly a great cause for engineers to pay attention to. The smart grid paradigm releases extensive engineering efforts and the supportive creativity and financial funds. The underlying motivation is however rarely questioned. Why even a smart grid? Does it have any significance?

The mechanics of the grid operators are on the other hand mostly unmoved by all the buzz. They also hardly need to, since the core of the electrical grid still needs maintenance and expansion. Methods change and some additional measurement systems and control systems might have to be installed. Generally however not much has changed.

So there is a gap, and during my graduation I often times cross this gap. A gap which is totally logical, once you see where both sides are coming from. The mechanics over the years have established a way of building a very reliable and quite optimal electrical grid. There wouldn’t be any direct harm in continuing in this fashion, making some minor adjustments to planning and management if needed. The other side of the spectrum is however looking at the frightening trend of distributed generation and the nearly unlimited possibilities of IT-systems.

Even though these worlds are closing in on each other, they talk different languages. One side considers a lifetime of 10 years a maximum, whilst the other makes exploitation plans for 50 years ore more. One side sets out to build a highly reliable systems which will require the minimum of management, whilst the other side would like to automate all possible management tasks. One side doesn’t get scared of loads of wires, whilst the other side is cautious of adding even a single unnecessary conductor near a power system. One side would like to analyze information down to the microsecond, whilst the other side would only like to receive an indication if real action is needed. One side is concerned with the power systems in place, whilst the other is concerned with the procedures and management around it. Of course these examples are somewhat exaggerated, but as the matter of fact the backgrounds of both sides are very different.

The real threat to the smart grid adoption is when the mechanics are overrun by the distributed generation and when the management and academics come up with impractical solutions for non-existing problems. It is the problem of not talking and not having the smart grid discussion.

So at last there seems to be a reason not only for the smart grid, but more importantly for all its buzz.

EU copyright consultation

A while back a report was published on the responses given on the EU copyright consultation. Despite the length of the document (101 pages) it is very readable and as the matter of fact it gives a decent overview of the different viewpoint involved in this issue. I’ve given some highlights below.

Institutional users on the terms of protection, making the case that in most cases the copyright is exhausted at the end of the copyright term:

Institutional users generally believe that the current terms are inappropriate and should be shortened. … They point out that in many cases, the costs of the digitisation of copyright protected works that are no longer commercially exploited exceeds the potential economic value of these works.

Some of the authors and performance reacting on the same issue apparently don’t seem to get that the copyright is defined to extend to a set period after death of the author:

The vast majority of authors and performers consider that the term of protection currently set out in EU law is appropriate and should not be shortened. However, some respondents in these categories favour a longer term of protection, which, they say, would better reflect longer life expectancy.

I was glad to see notice of disabilities in the section on copyright exceptions, although I would assume the real questions arise when third party service providers aid in transforming content to digital or audible form. Furthermore it struck me that there seems to be a lack of agreement amongst member states on about all of the issues. This would therefore further complicate the process of copyright reform and unification, resulting in the continuation of the status quo. An issue I wasn’t quite aware of, is that event though an exception exists for educational institution, this often times results in problems when courses are made available to an outside audience. This issue therefore hinders the adoption of new ways of teaching. At the minimum a clear stance should be taken about such cases. As a student it is painful to see end users argue for access of scientific articles without needing to go through all the paywalls which have been put up by the various journals. Staying on top of recent development is however important to all professionals in academics, probably to anyone studying, and therefore also to society as a whole. Limiting the flow of the information our modern society has been built upon can therefore be considered very coercive.

After reading through the document I would summarize that on the one hand the authors, management organizations and publishes are quite satisfied with the way the system is set-up, whilst the end users desire more freedom and increase clarity. A large part of these end users however seem to acknowledge the fact that copyright should be kept in order to keep the system going. So does this mean that copyright in its current form isn’t serving society they way it was intended originally?

Good design

In the 1970s industrial designer Dieter Rams famously wrote his ten principles for good design which is a powerful way of evaluating the quality of any product. Many methodologies exist on how best to design in order to achieve a certain kind of product, but I have yet to come across any other methodology on evaluating the end-product. In a way that final evaluation is all that matters, even though many companies can get away with tricking customers into buying lesser products. Setting a standard of good products will be a tremendous boost for overall wealth in the world, since this will most surely inspire others to strive for similar goals.

The products by Apple are known to be adhering to these principles of good design, whether or not they intended it to. The way in which products adhere to these principles unfortunately can’t be measured quantitatively, making it also hard to define a ‘best’ product. This especially holds true because these principles aren’t in any way limited to industrial design. Just think about how Wikipedia has established not only their product but also their underlying mission making it so that now all these ten principles can considered met.

Privacy and security

Considering how issues related to privacy and security map on these principles, I believe that principles 6, 8 and 9 call for the implementation of proper security and privacy, whilst principles 1, 2, 5 guide the right way of implementing privacy and security. This user-friendly approach of privacy and security has luckily been called upon in the community many times over.

• The 6th principle ‘good design is honest’ calls for a product to clarify what security and privacy is given and also what isn’t. If say back-doors are purposely added to a product, this should be clear to the user. If on the other hand the product is as secure as possible, users should be informed what threats exist however unlikely.
• The 8th principle ‘good design is thorough down to the last detail’ calls on designers (and engineers, which are also designers) to leave no aspects undecided, and therefore requires them to take a stance on matters like privacy and security.
• The 9th principle ‘good design is environmentally friendly’ goes a long way of addressing all issues that are related to a product but also go way beyond the scope of a single product. The main argument here is the generalization principle of ‘what if all products were like that’, which calls on even the most limited product to respect the bigger picture. Examples included in the original principles are resource conservation, minimizing physical pollution and minimizing visual pollution. All of these examples of course hold for the complete product cycle, since this is needed to even grasp the bigger picture. Personally I’d like to believe that respecting privacy and security are part of this 9th principle, since if all product would violate privacy and security, a fearful society described in George Orwell’s book Nineteen Eighty-Four might become a reality. This is the referred bigger picture this principle adheres to.
• The 1st principle ‘good design is innovative’ calls on designers to refrain from solely relying on ‘common standards’ and consider new innovations to be incorporated in their products. If everybody just keeps saying privacy and security are hard and leaves it at that, society will only deteriorate on this issue.
• The 2nd principle ‘good design makes a product useful’ and the 5th principle ‘good design is unobtrusive’ emphasize the importance of not putting the burden of security and privacy on the users. Most users don’t like to fiddle with that and will mess things up eventually regardless of intention. These issues should be for the designer to solve, not for the user to worry about.

Conclusion

These powerful principles might some times seem to be in conflict with each other and often times products are designed for short-term gains despite best intentions. It is however up to involved designers to improve the products and make the hard compromises required, not only to suit target customers but to suit society as a whole. This holds for privacy and security just as it holds for aesthetics and sustainability. Designers have to power to shape our world and with great power comes great responsibility.

Down the path with Emacs

Just about a year ago I started using Emacs and I’ve now come to the conclusion that it is about time to get out of the Emacs-world.

I used to make use of Zim and GTG for both my notes and tasks, but as I was using ever more shortcuts, I was keen on employing more advanced tools, especially with a lot of conversion formats in order to liberate my content. After an extensive search I started using Emacs Org mode. I must admit that Org mode is brilliant and very powerful. Adopting Org mode as a non-Emacs user meant I had to learn the most common Emacs shortcuts and get a sense of the considerations underlying Emacs. Having gotten up to steam, it is a brilliant way of managing notes and tasks intertwined, living in a flat file system. Being able to create overviews of all the different tasks allowed advanced overviews to be generated and allowed me to test various management styles like GTD and Kanban. By far the most powerful example of using Org mode was about half a year in: I had only a couple of days at an external company to work out a project outline. Being able to keep notes and tasks with blinding speed was already incredible, but being able to export a draft outline to both a neatly styled LaTeX report and LaTeX presentation was a great time-saver which made quite an impression.

Spending a lot of time in Emacs already, it only seemed logical to point more activities towards Emacs, which is the eventual consequence of such a tightly integrated editor with all its versatility. It didn’t took long for me to strictly use Emacs for my writing, coding, news reading and even browsing. Emacs really became my operating system, just the way as it has been joked by the community.

Emacs however isn’t an operating system. And Emacs isn’t a windows manager either. Emacs is just a legacy editor with many powerful modes which can be tailored to suit a lot of use-cases. Having adopted Emacs as my main tool, I became quite aware of its limitations. Limitations which aren’t around when using other programs for the job. Also the integration of Emacs with other programs wasn’t very good. Copying content from Emacs to other programs often required another editor like gedit to bridge the gap.

Now I’m steadily moving my activities and content back to my favorite GUI applications, which have a large user base and are dedicated to a particular set of tasks.

In retrospect I would describe Emacs as Swiss army knife combined with a pile of wood: you’ll be able to achieve a lot with the tool alone and by creating your own set of tools from to wood you can achieve even more. Nowadays there are however more tailored tools for the various jobs and making everything yourself just seems pointless.

A minimum level of sharing capabilities

Lately it has struck me how the sharing of content we were used to, is now slowly being taken away from us, without most of us noticing. Remember how anyone was able to lend out their books, CD’s and DVD’s, even just a couple of years ago? Today there is a totally different paradigm. More and more the content is becoming strictly contained in the domains of the service providers via forms of DRM. Streaming services like Spotify and Netflix keep their content stored online and programs like iTunes and Adobe Digital Editions make sure that even the local storage is in the hands of the service provider. Now, this movement in itself is not as bad as it might seem, since you could for example still lend somebody the account credentials or share an e-reader. However simultaneously there is trend towards a strong tie between devices and their users. Just imagine swapping smartphones with a friend for a week so you can enjoy each others e-books, it is unthinkable since that smartphone is tied to your email, your apps, your passwords, your phone number and your other media. Spending a little money on buying an e-book rather than sharing devices is therefore the only sane option. Apple currently seems at the forefront of pushing this paradigm of devices belonging to only a single user by focusing on a seamless experience between devices and by linking it all to your Apple ID. It is not without reason that better content sharing options were most-requested and recently adopted in the form of Family Sharing. However the scope of lending out content is still far more limited than it ever was in the previous decades.

Apart from sharing, we in Europe have also agreed on several rights people have for legally copying content. In the Netherlands this mainly entails making a private copy of legally distributed content and making a private copy for studying purposes. Depending on the media copying was done with a photo-copier, an audio tape recorder or a video tape recorder. With content being restricted end-to-end, the only real way of making a copy seems to be at the side of the human accessing it. This means recording the audio using a microphone, recording the video using a video-camera and copying an e-book with a camera or photo-copier. Granted, other methods exist but these mainly require someone technical to circumvent these restrictions. So the conclusion to be made, is that with the digital revolution, copying content in the way you are entitled to by law has become harder and not easier.

How can it be that as a society we have agreed on what a person should and should not be able to do with content in terms of lending and copying, but that the main content distributors and their technology are not supporting these rights in any way? Since ultimately the desire for content outweighs the ethical considerations for most consumers, it is up to the governments and related institutions to demand the implementation of the level of freedom we have agreed on. Since the law is the ultimate restriction, code needn’t be and shouldn’t be more restrictive than the law.

Novena laptop as an open-source booster

Most people in the open-source community will already have heard about the Novena project as it is a well supported move for building an as-free-as-possible laptop. Just last week a video was published from a keynote given by Sean Cross about the project. It is worth the watch, especially since it shows the ‘hidden’ process that resulted in the final design. The way in which the Novena laptop is able to support and empower hardware and software projects is stunning and it is probably this feature-set that aspires to all hackers out there and helps make the effort such a success.

Website revamp

Having run a low-key website for a couple of months now, I came to the conclusion that I had to restructure it in order to take it to the next level. Underlying was a self-built (php) back-end which took care mostly of presentation and not on content management. By using a WordPress back-end advanced functions for presentation and content management become available. In a couple of hours I was able to build a custom theme, which covers the functionality I need.

Having set the structure for my new website, the next task will be to add preceding content and fine-tune the theme to display correctly on all devices. New content can therefore be expected soon.