Identity and Trust

Folks who know me will know that I’ve been taking an interest for some time in the problems of online identity and trust:

  • Passwords (as we know them today) are a sick joke.
  • Monolithic certificate authorities (and browser trust lists) are a serious weakness in web trust.
  • PGP and the Web of Trust remain the preserve of geekdom.
  • People distrust and even fear centralised databases.  At issue are both the motivations of those who run them, and security against intruders.
  • Complexity and poor practice open doors for phishing and identity theft.
  • Establishing identity and trust can be a nightmare, to the extent that a competent fraudster might find it easier than the real person to establish an identity.

I’m not a cryptographer.  But as a mathematician, software developer, and old cynic, I have the essential ingredients.  I can see that things are wrong and could so easily be a whole lot better at many levels.  It’s not even a hard problem: merely a more rational deployment of existing technology!  Some time back I thought about setting myself up in the business of making it happen, but was put off by the ghost of what happened last time I tried (and failed) to launch an innovative startup.

Recently – starting this summer – I’ve embarked on another mission towards improving the status quo.  Instead of trying to run my own business, I’ve sought out an existing business doing good work in the field, to which I can hope to make a significant contribution.  So the project’s fortunes tap into my strengths as techie rather than my weaknesses as a Suit.

I should add that the project does rather more than just improve the deployment of existing technology, as it significantly advances the underlying cryptographic framework.  Most importantly it introduces a Distributed Trust Authority model, as an alternative to the flawed monolithic Certificate Authority and its single point of failure.  The distributed model also makes it particularly well-suited to “cloud” applications and to securing the “Internet of Things”.

And it turns out, I arrived at an opportune moment.  The project has been single-company open source for some time and generated some interest at github.  Now it’s expanding beyond that: a second corporate team is joining development and I understand there are further prospects.  So it could really use a higher-level development model than github: one that will actively foster the community and offer mutual assurance and protection to all participants.  So we’ve put it forward as a candidate for incubation at Apache.  The proposal is here.

If all goes well, this could be the core of my work for some time to come.  Here’s hoping for a big success and a better, safer online world.

Sweet and Earthy

Since getting the juicer, I’ve made a few interesting discoveries.  New flavours – some better than others – and some interesting rules of thumb.  Perhaps the most interesting revelation is what it can do with roots.  Both the general-purpose mixer (the carrot), and the strong flavours (like ginger, radishes, turmeric).  Why do we not see more roots in the range of juices sold by our supermarkets?

I have observed when shopping for juice that apple is treated as a pretty-universal mixer.  Both when explicitly named (apple-and-[pear|mango|elderflower|etc]) and in the blends with labels like “exotic”, “garden”, or “tropical” (hmm, bit of a mismatch there).  Basically it just works with everything.  The only substantial exception is citrus fruits, which rarely blend much with anything non-citrus.

But trying it at home, I find the carrot to be pretty-much just as good and universal a mixer.  For example, I was sure apple-pear-ginger would be delicious, and now I find carrot-pear-ginger works just as well.  It’s a little less sweet, but the pears bring ample sweetness, and the main flavours are still the pear and ginger.  The only time I wouldn’t want to use carrots in place of apples is when I really want the extra sweetness: for example, while apple-cucumber-mint work nicely, I’ve no burning desire to try that with carrot.

Another case was today’s brew, when I tried another root in there for the first time.  Taking the view that the earthiness of turmeric would want to be offset by something sweet, I blended it into apples and grapes.  It worked nicely, but I suspect would be an acquired taste with less sweetness.

One more flavoursome root that works nicely in small amounts is radishes.  And though I have yet to try them, I expect I might get something interesting with horseradish or wasabi.

Actually, the one strong flavour that has disappointed is chillies.  As with today’s turmeric, I thought they’d need to go in something sweet, so I tried back in the summer in an apple/strawberry blend.  The heat of the chilli didn’t really make it into the drink: I guess it must’ve ended up in the pulp and gone to waste.

One other minor revelation: things one doesn’t much like in their normal form can work well in a drink.  Specifically celery: some time back I had some spare after using it in a tomato-and-basil soup, so I tried blending it into a drink.  Given that I’ve never much liked it raw, I was pleasantly surprised by that flavour.

Alas, washing up is quite a chore.  Now the novelty has worn off, I’m not using the machine more than once or twice a week, and drinking supermarket juices the rest of the time.

Walking and Working vs Living, Learning, Breathing

Since my change of principal job, my use of the treadmill desk has changed, and not in a good way.

Having acquired the desk at a time when I’d been a couple of years in the job already, my work was development and maintenance, without having to tackle the steeper parts of any new learning curve.  Regular development work worked well at the treadmill.

When the job ended, I had to return the less-than-fully-functional Macbook to my ex-employer, and after a brief spell hooking up the ultrabook there, I bought a cheapo new desktop to use at the treadmill.  Unfortunately I’m now finding I rarely use it, and when I do I often feel the need to sit down with the problem at hand.  At first that was due to getting the new box up to speed sometimes standing in the way of a task, so doing it on the ultrabook became a line of least resistance.  But now I think I see another issue: struggling on the steep part of the learning curve for a new project is hard, and I don’t seem to give it adequate concentration while walking.

Or it might just be that the evenings, when I walk/work best, are blighted by wood smoke coming from a neighbour.  In the interest of not unnecessarily raising my carcinogen intake (not to mention inducing heavy coughing) I have to avoid any kind of (physical) exercise in the evenings.

I need another house move, and while I’m here I need to rearrange my computers to have a dev machine I can sit at.

Light Show

The new bridge across the estuary has re-opened.  And being our northern-hemisphere season of gloom, I first crossed it in darkness.

I should explain.  This new bridge was once a railway bridge, and has now been resurrected for cyclists and pedestrians.  It’s just north of Laira Bridge, a busy main road bridge and the lowest crossing point on the Plym estuary: both bridges were built where the estuary narrows somewhat.  The new bridge opened about six months ago in the season of daylight, but then closed a couple of months later for further works on the Eastern end.

I had thought they were extending that along the course of the old railway as far as the Plymstock bypass, which would’ve saved me as a cyclist from having to move out into the right hand lane of the dual carriageway to turn right off it – in both directions.  But no, they built a new bridge across The Ride (a road), but then it goes no further: a fence blocks off the line of the track.  Before the works, access to the bridge was from The Ride.  Now, after them, access is still from The Ride.  Since The Ride is neither big nor busy, there’s no advantage to being able to come down on the far side.

Anyway, coming to it at night, I see it’s all lit up.  Not as in regular streetlights, but on the outside.  A show of coloured lights that move gradually through the spectrum like a screensaver.  There is a view from the approach, although it comes out better on camera from the Saltram side – as I discovered the following evening when I returned on foot with the ‘phone to take some snaps.

That actually looks more impressive in the picture than in real life, where viewpoints like this one are few and far between.  The best view other than from on the water (or mudflats at low tide) must be from the road bridge, where its effect is sadly lessened by traffic and street lighting.

But all those coloured lights are on the outside of the bridge, and so scarcely visible from on the bridge itself, where strips of harsh (tending to painful) white LED lights dominate.  Especially where the bridge is straight.  The ‘photos actually look rather better than the reality:


Won and Lost

A distant acquaintance bet good money on a Corbyn victory, back in the days when he was a distant outsider at very long odds.  She now stands to celebrate.

Thought experiment: suppose she had instead bet, at huge odds, on his becoming Prime Minister in 2020.  And let’s also suppose it was a substantial bet.  Corbyn becomes Prime Minister, and she wins a million.  Far-fetched, OK, but not too far-fetched to be the basis of a story.

What kind of a story?  Rags to riches?  Not really – this is Blighty.  Even if it hadn’t already been done, slumdog millionaire fits better in a country where the rags half of the story is genuinely all-too-plausible.  But as a “what if” comedy, it has lots of potential.  Or indeed, an episodic sitcom: each week a different attempt to benefit from her riches is tried and thwarted.


Well, our scenario is a very socialist Prime Minister.  He bears a passing resemblance to Mr Corbyn, but could also take inspiration from other populist socialists, and from the imaginations of our scriptwriters.  As a socialist, he’s in the business of taking millions from millionaires.  Maybe (at least for the benefit of our plot) even doubly so those whose millions are demonstrably unearned.  Our lucky winner has suddenly found herself on the wrong side of the Class War, and turns out to be worse off than she had been before winning the million.  Oh dear.

Could a populist lefty nut get elected?  Well, there are precedents.  Hugo Chavez was repeatedly re-elected in Venezuela, though he may have been boosted by Uncle Sam’s botched attempts to interfere.  On a slightly similar note, we’ve just seen (Comedian) Jimmy Morales top the presidential polls in Guatemala to go one up on Beppe Grillo’s achievement in Italy.  In the UK we have a range of populists standing in spite of the main political parties, and some of them have won not inconsiderable posts up to and including London Mayor.  And Corbyn’s new deputy Tom Watson may prove a formidable force.

Looking at electorates, we’re just p***ed off with the status quo.  And now half of us are too young to remember how bad things really were in the pre-Thatcher socialist UK, and are being fed alluring messages about a mythical golden age.  However far-fetched it may or may not be, Corbyn PM is at the very least good for comedy scenaria and thought experiments.

And (sorry, different story) we even have George Osborne trying to help.  His recent announcement of a major development programme for the submarine base at Faslane is surely an attempt to hand Scottish parliamentary seats back from the Scots Nats to Corbyn’s Labour.  Osborne rather fancies an opposition that’s busy tearing itself apart, as opposed to a united party with a strong claim to speak for Scotland.  And the Faslane project will serve to focus Scots voters’ attention on an issue where Corbyn is strongly at one with the SNP and the only UK chance to reverse Osborne’s decision (vote for him to stop it), yet much of whose party takes the opposite view (vote for him to keep it).

Bizarre and interesting times.

And they all lived happily ever after.

Once upon a time, there was an archetype.  The young lad who leaves his home and braves all to seek his fortune.  We could call him Dick Whittington.

Today there are millions (or should that be billions?) with dreams of betterment.  For many in the poorer parts of the world, one such dream is of the streets of Europe or America, paved with gold.  No doubt a few will make their fortunes, while many will be disappointed.  Many will risk life and limb in the pursuit of a Dick Whittington dream.  Our meeja and public opinion will swing between being swamped by immigrants and being outraged by their plight.

What should we in destination-countries do?  I have no intention of addressing issues of immigration policy here, but one thing is clear: we should not be sending out misleading signals, leading people on with a deception.  Even when it’s also self-deception.  If we’re not going to welcome the millions, we should send out the signal loud and clear and without ambiguity.  And above all, we should be consistent, not chop and change policy on the whims of meeja and public opinion.

Yesterday’s scenes of refugees reaching a true fairytale conclusion to their long ordeal are no doubt happy ones for the individuals concerned.  But it begs the question: how many million impoverished Africans who may have idly dreamed of seeking their fortune in Europe, just saw yesterday’s scenes and made their minds up to set out on a perilous quest?  Unless we welcome them all (which of course we can’t – not even those who survive and make it as far as pick-up points such as those off the Libyan coast), we’ve just perpetrated a cruel deception on them.  For a change, our own Prime Minister appears to be behaving better than what either our meeja or some of our European colleagues are trying to pressure him into.

The Long Tail

It’s a truism to say that the ‘net is ideal for a long tail, of material of interest to someone, but at best very marginal value or interest to the world at large. Vanity publishing, personal pages, personal blogs, social media, etc, etc.

It even has sophisticated Peer Review processes: a page with Google pagerank 9 is one that the world considers a leader in its field, while a PR4 is a long tail and might be of interest if you are looking to solve a very specific problem it happens to address outside the mainstream.  There’s even a competing hierarchy of peer review systems, with middle-ranking systems like the once-useful but perhaps too easy to subvert Tripadvisor and its peers, niche systems designed to measure one’s own effectiveness, and a long tail of wannabes.

But yesterday listening to the radio I was reminded that a long tail of marginal material and even utter dross doesn’t originate online.  If there’s so much that’s great in the Edinburgh fringe, how come the BBC broadcasts so much that’s – to put it very politely – utterly mediocre?

[correction: not yesterday, it was Saturday the Edinburgh crap on Radio 4 really excelled itself]

Fruits of the Garden

I’ve just eaten my first blackberry of the year.

I used to think of blackberries as (predominantly) September fruit. Late August, early October, but predominantly September’s bounty.

In Southwest England I gradually got used to an extended season. In 2003, when I had no money for food, I was picking and eating blackberries into the second half of November. By that time they had long since ceased to be a pleasure, and were hard work to gather, but in the absence of soup kitchens it was a matter of necessity. Subsequently I also found that we have a rich crop through pretty-much the whole of August, too: indeed, on lower ground there’s more in August than September.

But mid-July? This must be a new record! Though it was just the one berry that had reached a real sweet ripeness.

The bushes in my garden show a huge crop to come. Last year I ate them, froze them, gave them away, cooked desserts with them, even made several jars of chutney, and still could’ve had more. This year I have a new fruit&veg juicer, so I look forward to drinking some, too!

And I must check up on the plums. Last year I had just a handful of them from the garden, but they too were delicious.

Stream Editor for Trafficserver

I haven’t blogged much on software of late. Well, I don’t seem to have blogged so much at all, but my techie contents have been woefully sparse even within a meagre whole.

Well, I’ve just added a new stream editor in to Apache Trafficserver.  It’s been on my to-do list for a long time to produce a similar functionality to sed and sed-like modules in Apache HTTPD.  Now I’ve hacked it up, and dropped it in to the main repo at /plugins/experimental/stream-editor/.  I expect it’ll stay in /experimental/ until and unless it gets sufficient real-world usage to prove itself and sufficient demand to be promoted.

The starting point for this was to duplicate the functionality of mod_line_edit or mod_substitute, but with the capability (offered by mod_sed but not by the others) to rewrite incoming as well as outgoing data.  Trafficserver gives me that for free, as the same code will filter both input and output.  Some of the more advanced features, such as HTTPD’s environment variables, are not supported.

There were two main problems to deal with.  Firstly, the configuration needs to be designed and implemented from scratch: that’s currently documented in the source code. It’s a bit idiosyncratic (I’ll append it below): suggestions welcome.  Secondly, the trafficserver API lacks a set of utility classes as provided by APR for Apache HTTPD.  To deal with the latter, I hacked it in C++ and used STL containers, in a manner that should hopefully annoy purists in either C (if they exist) or C++ (where they certainly do).

In figuring it out I was able to make some further improvements: in particular, it deals much better than mod_line_edit or mod_substitute with the case where different rules produce conflicting edits, allowing different rules to be assigned different precedences in configuration to resolve conflicts.  And it applies all rules in a single pass, avoiding the overhead of reconstituting the data or parsing ever-more-fragmented buffers – though it does have to splice buffers to avoid the risk of losing matches that span input chunks.  It parses each chunk of data into an ordered (stl) set before actually applying the edits and dispatching the edited data.

/* stream-editor: apply string and/or regexp search-and-replace to
 * HTTP request and response bodies.
 * Load from plugin.config, with one or more filenames as args.
 * These are config files, and all config files are equal.
 * Each line in a config file and conforming to config syntax specifies a
 * rule for rewriting input or output.
 * A line starting with [out] is an output rule.
 * One starting with [in] is an input rule.
 * Any other line is ignored, so blank lines and comments are fine.
 * Each line must have a from: field and a to: field specifying what it
 * rewrites from and to. Other fields are optional. The full list:
 * from:flags:value
 * to:value
 * scope:flags:value
 * prio:value
 * len:value
 * Fields are separated by whitespace. from: and to: fields may contain
 * whitespace if they are quoted. Quoting may use any non-alphanumeric
 * matched-pair delimiter, though the delimiter may not then appear
 * (even escaped) within the value string.
 * Flags are:
 * i - case-independent matching
 * r - regexp match
 * u (applies only to scope) - apply scope match to full URI
 * starting with "http://" (the default is to match the path
 * only, as in for example a <Location> in HTTPD).
 *   A from: value is a string or a regexp, according to flags.
 *   A to: string is a replacement, and may reference regexp memory $1 - $9.
 *   A scope: value is likewise a string or (memory-less) regexp and
 *   determines the scope of URLs over which the rule applies.
 *   A prio: value is a single digit, and determines the priority of the
 *   rule.  That is to say, if two or more rules generate overlapping matches,
 *   the priority value will determine which rule prevails.  A lower
 *   priority value prevails over a higher one.
 *   A len: value is an integer, and applies only to a regexp from:
 *   It should be an estimate of the largest match size expected from
 *   the from: pattern.  It is used internally to determine the size of
 *   a continuity buffer, that avoids missing a match that spans more
 *   than one incoming data chunk arriving at the stream-editor filter.
 *   The default is 20.
 *   Performance tips:
 *    - A high len: value on any rule can severely impact on performance,
 *      especially if mixed with short matches that match frequently.
 *    - Specify high-precedence rules (low prio: values) first in your
 *      configuration to avoid reshuffling edits while processing data.
 *  Example: a trivial ruleset to escape text in HTML:
 *   [out] scope::/html-escape/ from::"&" to:"&amp;"
 *   [out] scope::/html-escape/ from::< to:&lt;
 *   [out] scope::/html-escape/ from::> to:&gt;
 *   [out] scope::/html-escape/ from::/"/ to:/&quot;/
 *   Note, the first & has to be quoted, as the two ampersands in the line
 *   would otherwise be mis-parsed as a matching pair of delimiters.
 *   Quoting the &amp;, and the " line with //, are optional (and quoting
 *   is not applicable to the scope: field).
 *   The double-colons delimit flags, of which none are used in this example.
 */
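
The prio: rule and the ordered-set, single-pass approach described above, as an added example (not the plugin's own code): a C++ sketch that collects literal matches into a std::set, lets the lower prio: value win where matches overlap, and then applies the surviving edits in one pass. The Rule and Edit types, the function names, the sample URLs and the tie-break for equal priorities are assumptions of this sketch.

```cpp
#include <cstddef>
#include <set>
#include <string>
#include <vector>

// One rewrite rule: literal from:/to: strings plus a prio: value.
// As documented above, a lower prio value prevails over a higher one.
struct Rule {
  std::string from, to;
  int prio;
};

// A pending edit: replace input bytes [start, start+len) with `to`.
struct Edit {
  std::size_t start, len;
  std::string to;
  int prio;
  bool operator<(const Edit &o) const { return start < o.start; }
};

static bool overlaps(const Edit &a, const Edit &b) {
  return a.start < b.start + b.len && b.start < a.start + a.len;
}

// Collect every match of every rule into a set ordered by offset,
// resolving overlaps by priority. Assumption of this sketch: on equal
// prio the edit recorded first is kept.
std::set<Edit> collect_edits(const std::string &in, const std::vector<Rule> &rules) {
  std::set<Edit> edits;
  for (const Rule &r : rules) {
    if (r.from.empty()) continue;  // an empty pattern would match everywhere
    for (std::size_t pos = in.find(r.from); pos != std::string::npos;
         pos = in.find(r.from, pos + r.from.size())) {
      Edit e{pos, r.from.size(), r.to, r.prio};
      std::vector<Edit> losers;
      bool keep = true;
      for (const Edit &old : edits) {
        if (old.start >= e.start + e.len) break;  // sorted: nothing later overlaps
        if (!overlaps(e, old)) continue;
        if (old.prio <= e.prio) { keep = false; break; }  // existing edit prevails
        losers.push_back(old);
      }
      if (!keep) continue;
      for (const Edit &l : losers) edits.erase(l);
      edits.insert(e);
    }
  }
  return edits;
}

// Apply the non-overlapping edits in offset order, copying the
// untouched input between them exactly once.
std::string apply_edits(const std::string &in, const std::set<Edit> &edits) {
  std::string out;
  std::size_t cursor = 0;
  for (const Edit &e : edits) {
    out.append(in, cursor, e.start - cursor);
    out += e.to;
    cursor = e.start + e.len;
  }
  out.append(in, cursor, std::string::npos);
  return out;
}

std::string rewrite(const std::string &in, const std::vector<Rule> &rules) {
  return apply_edits(in, collect_edits(in, rules));
}
```

With a generic "http://" rule and a more specific host rule both matching at the same offset, the output depends only on the prio values, not on the order in which the rules are listed.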


Our next concert is next Sunday (July 5th), when we’re performing Händel’s Israel in Egypt at the Guildhall, Plymouth.

This is a mature, full-length oratorio on a biblical theme. In parts it is similar to the more famous Messiah (and a few numbers are musically very similar between the two works). In other respects it’s different, and one fundamental difference is that this work uses full antiphonal double chorus. We’ll be split across right/left sides of the stage to deliver the effect.

The subject matter is truly biblical. None of the cuddly, merciful God of Constantine (let alone the modern Church of England), but a vindictive warmonger to make the Islamic State look like a holiday camp. This God doesn’t just indulge in holocaust-scale genocide, he glories in it. Much of the music is correspondingly dark, though there are also some gorgeous interludes.

Also of musical/historic interest, this is a very old edition we’re using. In fact the editor was no less than Felix Mendelssohn. Though better-known as a great composer in his own right, Mendelssohn was right in the vanguard of the revival of the Baroque, so this score is living history!

If you like oratorio, you’ll enjoy this concert.

