Atom is nothing new

So now the please-give-me-an-invite du jour is Atom, a new editor from Github.

Here’s the skinny: it’s written using one of the Chromium-as-app platforms (CEF, I guess?), and is mostly written in JavaScript (well, Coffeescript). It looks like Sublime. You style it with CSS. The core is closed-source.

Um, Komodo?

Komodo differs in some ways, of course. Komodo embeds the Scintilla editor. Python is available for macros and extensions. Node is not available, only Spidermonkey. Mozilla still uses XUL.

Nonetheless it amazes me that nerds are gaga over Atom (or CEF) when all the moving parts have been around – steadily used in the real world – for a decade.

(haha just kidding, I’m not shocked at all.)

RPG damage systems are garbage

RPG damage systems are garbage. Games obsess about “realism” and then lose their minds when damage is calculated.

In the real world, stopping power looks like this. Therefore our “realistic” damage system that looks like this:

Roll 1d10. For each additional hit sustained, subtract 1. On a roll of 4 or less, you die. On a 5 or 6, you are incapacitated. On 7 or greater, you are injured.

This system assumes center-mass; head hits are usually lethal (1-9 on d10) and limb hits usually not (maybe 1-2). Also note that the above assumes a handgun; a rifle or shotgun is basically “8 or less and you die”.

No one wants to play that game, because combats will be over very quickly: a hail of bullets followed by a desperate need to get just about everyone still breathing to a trauma center.

We have no data about blasters and so forth, but we can presume that future weapons will be more lethal as time goes on.

Fantasy games have a problem, in that we don’t have much in the way of statistical data about swords and spears, the way we do for pistols and buckshot. We are also viewing data through a historical lens. 

We don’t have any serious data about obvious things: just how effective was a crusader longsword against mail? Or arrows? How many hits could a person take? Could armor turn dozens of blows?

Guesses are all we have (although many are very well-educated). 2 great books on the subject, “On Killing” and “The Face Of Battle”, provide some insight. Our damage table of “struck my a medium weapon while wearing chain mail” probably looks something like this:

Roll 1d10. 1-3, you die. 4-7, you have a serious wound and are incapacitated. 8-10, you are injured.

Note that in both cases we take incapacitated to mean “unconscious, stunned, in shock, or otherwise unable to fight”. We define injured as alert and (possibly) able to fight back. Injuries will (obviously?) require treatment, and even if the fight ends the injured party might still pass out or die. Dead is still dead.

Also we have to deal with injury in a realistic way. In AD&D a creature can huge amounts of damage to a player, and the fix is relax at a convenient tavern for a period of time. A gunshot wound to the forearm can – and probably will – cause permanent nerve, muscle, or bone damage (likewise for the impact of a mace). The bones may mend, but will the hand ever again hold a weapon? 

No one wants to play a game where sickness, injury, and being permanently crippled in the first play session are serious parts of the game (counter-example: the very strange Torchbearer). So what role (no pun intended) does serious realism actually play? How does it affect narrative vs grognard gaming?

The Agony and the Ecstacy of OpenStack: This is how you die

Spleen Merchant

I have a confession to make: I’m horribly stupid, or horribly unlucky, or perhaps (probably) both.

I went to and after freshly installing the latest CentOS (and giving it a complete yum update) I started on the steps therein.

It’s effectively 3 commands! And at the end you’ll end up with your own little 1-computer “cloud”. Or so I thought.

I made it as far as step 4 in the Running an instance docs before things went Tango Uniform. But it’s no big deal: the docs are wrong in that they omit a number of necessary configuration options, but that’s OK.

Sure, the error message is completely byzantine and meaningless to anyone who is not intimately familiar with OpenStack internals; but this is the cloud. You have to understand the minute implementation details of literally every byte crossing the delicate silicon cores of your machine.

(If you’re curious, the answer is the Fedora image referenced in the docs has to be spun up w/ a size larger than m1/tiny.)

Anyway this is far better than what would have been here, had I written this blog entry 3 months ago: getting images to spin up took edits of tons of files. For fun, check the Wayback Machine entry. The docs are still wrong, but at least the underlying platform isn’t shipping completely broken.

Eight Times Over Miss October

So now we’re far, far ahead of where we were: VM images can be downloaded off the web and started with a single click! No more tedious editing: that was the equivalent of selling a car that defaulted to leaded gasoline then telling the hapless owner to take it immediately to the mechanic so it can be converted to unleaded.

Networking doesn’t work, of course. The default configuration (via the `packstack –allinone` command you ran earlier) doesn’t work. I’ve tried it with so many configurations I can’t even remember: I recently threw away a moleskine full of notes because they were all contradictory, confusing, and probably meaningless.

What I know is that nothing works, and it’s got me so angry I can’t see straight.

Oh, sure, there’s lots of people out there who have operating OpenStack clusters. At least I assume so: I mean, our company has one at one of our offices. As far as I know we aren’t using it in a production capacity – a way to make money delivering goods and services to our paying customers – but we have one that boots and starts VMs and so on.

I don’t know anyone that has that, other than Rackspace proper. I do know lots of people spending huge amounts of effort trying to get this working.

But the “quick start” doesn’t even work; but like I said, I’m not very lucky and definitely not very smart. I’m sure lots of people have gotten it to work out of the box. All those posts here and here from people who can’t get a basic installation spun up are probably just doing insane things.

I just took a machine I’ve run Linux (and virtualization!) on for years, and tried to run the 4 commands the vendor told me would work. It doesn’t work, but I’m not very smart.

Electric Worry

People who think “cloud” isn’t here to stay, or that virtualization and clustering platforms like AWS and OpenStack and VMWare are some sort of fad, are way more stupid than I am. Look, it’s a thing.

It’s hard to look at platforms like OpenStack and not immediately say “this is a load of fetid dingo kidneys”, because industry heavyweights like Amazon have made cloud and virtualization and so on so fucking effortless.

Also yeah I just said Amazon, the book store guys, are an “industry heavyweight”. We live in a strange world.

Anyway everyone’s living in the shadow of AWS and so it’s hard to remember how many people sweated bullets to get us here.

That said: I mean this page has 2 entirely different command sets to do something, provides no indication which command to use (no “Am I running on nova-network?” or an even a hint to figure out just what you are using), and in any event typing in those exact commands doesn’t work anyway. I know this because I set up a machine to exactly mimic the setup in the docs, assuming that I was stupid and couldn’t transpose my network details in the command. It doesn’t work, but that’s probably my fault. I’m pretty stupid.

Pure Rock Fury

Before you say “The RDO spin is horrible! Use Ubuntu!” let me make a quick point. We work in the government and military spheres, and the only Linux you can really use is Red Hat (or CentOS), period, full stop, end of discussion.

(If you’re not sure what “end of discussion” means, then you’re one of those people who post on Hacker News are are irredeemably more stupid than me. Go post there if you have theories and ideas, so I can most efficiently ignore them.)

Our customers have interest in cloud and virtualization, thus my interest in RDO and making it work.

Moreover, since I’m very unlucky and probably very stupid, I don’t want to be the sole Subject Matter Expert on the topic of OpenStack. So using the platform everyone in the building is familiar with – RHEL and CentOS – just about everyone can pitch in and contribute. Which is useful, because I’m unlucky and probably very stupid.

Mice and Gods

I just wish it worked, and I don’t understand how and why it doesn’t, and I’m running out of energy to keep fighting it. But I can’t ever stop: The Powers That Be want it, and like I said if you think this isn’t the future, you’re nuts. So I have to keep fighting despite any indication that any of this will ever work in the way we want to.

Thanks for listening.

BREAKING: No one cares about privacy

Via Hacker News, we have this headline: “Facebook reveals friends list even when it’s set to private”. It’s yet another example of Facebook (et al) leaking information that results in something of a privacy breach.

Does anyone really care?

The answer is simple: no. No one cares.

The world is easily segmented into two groups:

  1. A very tiny group of people who value their privacy and do all sorts of weird things to protect it, like not using Facebook or G+ or whatever. They use some strange 3rd-party email Tor reflector thing, use OpenGPG to encrypt all their cat pictures, etc.
  2. Literally everyone else.

I don’t know of a single person who left Gmail (or switched their default search, etc) as a result of the whole NSA thing. I don’t know a single person who has ever said, “Facebook is a massive time-sink/drama magnet whose purpose is to enrich the bank accounts of those who own Facebook stock, so there’s no reason for me to be there”. I don’t know a single person who has ever said, “The default search experience on Duck Duck Go is good enough that I don’t need Google”. I don’t know a single person who has ever said, “I don’t mind ads for Google products and services on my default new tab page in Chrome”. I don’t know a single person who has ever said, “I gain massive benefit from social networking, so these sorts of privacy breaches are unfortunately part of reaping said benefit”.

In other words, no one cares. Privacy breaches don’t matter until it hurts you directly.

(Addendum: I have seen people on Twitter remark that they’re switching to DDG; however I’m a veteran of the first great Linux On The Desktop war, and for every person who cast Windows aside and boldly embraced the Penguin, approximately 100% were back on Windows as soon as the newest CoD game was out. So I don’t even believe those who boldly Twitter-protested their switch: odds are they got annoyed at DDG and quietly switched back to Google.)

It’s not that security researchers shouldn’t continue to look for them; it’s that the tech press act like they remotely matter one bit. They don’t. No one cares. File it away in the giant list of ways Facebook sucks ass, and watch Facebook’s stock price soar.

The NSA, PRISM, and legal compulsion

Something I haven’t seen talked about at all is this:

It’s stated over and over that the PRISM companies – Microsoft, Google, Apple, et al – are legally required to work with the NSA when the NSA asks.

My question is this: Do they actually have any options, if they don’t want to participate?

Everyone basically assumes that the PRISM companies eagerly and happily bend over the day the nice man from the government arrives. I don’t think that’s the case.

First, I work for a company that works closely with the government in various ways, and to be frank no one is really particularly thrilled with the long arm of The United States Government. I can’t imagine the PRISM companies, even with groups set up specifically to interact with the government, are thrilled by its intrusion.

Second, these are for profit companies. Does anyone in their right mind think that anything that detracts from either 1)profit or 2)good PR is something any of them want? Ever? Dealing with this adds time to development and testing, introduces bugs, and as we’ve seen is a PR nightmare.

It is entirely possible that they want to help The Global War Against Violent Extremism (or whatever we’re calling it this week) but I imagine they’d prefer some way that didn’t take any actual work or risk actual money.

Anyway, let’s assume the CEO has decided that it’s all crap, and they don’t want any part of it. Can they even do anything?

They could challenge it in court, unless of course said challenge was immediately made secret. In which case they’d be in a rough place: explain to everyone where all this money is going without telling them why. Or, maybe it happens in public, but in any event they are public companies. Shareholders and boards might not like this. The majority might think it’s best to work with the NSA, or at least not be distracted in a very public fashion; words to the effect of “it’s not our corporate mission to shape public policy” come to mind. Is this the fight CEOs want to have, especially if a majority of shareholders end up being OK with it?

It is suggested, for example, that the timing of Apple coming on board to PRISM has to do with Jobs death; that somehow he resisted the NSA by sheer force of will. Maybe; he was very, very persuasive. On the other hand mundane reasons answer the question just as easily (can you imagine integrating one secret organization into another? It was probably a total nightmare).

So anyway, that’s what I’ve been thinking about. I’m not trying to absolve them of anything; I’m not Protector Of Corporate Power. I genuinely don’t know if you can even say “hell no” to the NSA and the surveillance laws without dropping a bomb inside your company.

(Update: Noted pageview troll/complete moron Dvorak brings up the flip-side of my arguments here. I like his points but the fact remains, he’s a pageview troll and a moron, and will never in his life do something like switch to Linux. But stopped clocks, etc.)

Is my Dropbox going to sell me out?

Let us assume for a moment that I have NSFW content on my personal (paid for by me) Dropbox, which I connect to my work computer. 

Am I then “storing” NSFW content on my work computer? After all Dropbox locally caches pretty much everything. If I’m using Dropbox at work for things like 1Password or syncing application config, am I obligated to ensure that no NSFW content is part of the bargain?

(Note that I am not looking at the NSFW content at work. It is just passively there. Obviously if I use Dropbox to sync NSFW content so I can look at it at work, I’m in the wrong.)

Simpler, but vulgar

Allow me to make a stronger, simpler, and far more vulgar point than this post:

Hacker News is awful. The “community” is mostly bored shitheads posting from work, or massively self-important assholes who are bitter their TODO app didn’t get into YCombinator after 15 tries. 

Twitter accounts like Shit HN Says could be 10x as content-rich if they wanted to. Most of the things posted on HN are just truly awful, in terms of a community of ostensibly technical people. 

You can see craven, callow, shallow, mean, bitter, obnoxious, stupid … the entire range of awful human interactions. Honestly, when’s the last time a HN comment really improved anything? Really made a strong contribution to your job, your hobby? 

As a community-curated link site, Hacker News has good stuff most of the time. As a place for community discussion, Hacker News is just You Tube comments with better grammar.