Category: Uncategorized

Strip Mall Land = Comforting

by philg

Turning off New Jersey Route 17 toward my cousin’s house in Allendale it occurred to me that maybe opponents of sprawl and strip malls are overlooking one bright spot.  There is something comforting about driving down Route 17 or the Rockville Pike in Maryland.  You know that if you have a car and a credit card you’ll be able to get everything that you might conceivably ever need and, after all, isn’t that what American life is all about?

Full post, including comments

Aloha to Death Row

by philg

http://www.nytimes.com/2005/03/17/national/17peterson.html is an interesting NY Times story because it features Laci Peterson’s stepfather in a Hawaiian shirt talking about Scott’s trip to Death Row.  One does not see that ever day.  The article also contains



In a wrenching display toward the end of the hearing, Ms. Peterson’s mother, Sharon Rocha, assumed the roles of her daughter and the grandchild that was never born, pleading aloud in a trembling voice for “Daddy” not to kill “Mommy and me.”


Assuming the role of a cerebral palsy baby was one of John Edwards’s favorite courtroom tricks.  Perhaps this will be commonplace now.

Full post, including comments

Why can’t phone companies go straight?

by philg

An interesting juxtaposition… from a couple of months ago:



[Bernard Ebbers,] The ousted chief executive of a giant telecommunications company rocked with an accounting scandal told his congregation on Sunday that he was innocent of wrongdoing. Appearing at Easthaven Baptist Church in Brookhaven, Miss., as usual to teach Sunday school and attend the morning worship service, Bernard Ebbers made his first public comments about WorldCom since the disclosure of $3.8 billion in improper accounting last week, The Wall Street Journal reported.”I just want you to know you aren’t going to church with a crook,” Ebbers addressed the congregation at the end of the service.


And from today’s London Times:



BERNIE EBBERS, the former chief executive of WorldCom, faces the rest of his life in jail after being found guilty of orchestrating the biggest fraud in American corporate history.  … The jury of seven women and five men found Ebbers guilty on all counts in a Manhattan court.


Why is it that phone companies are always defrauding either customers or investors or both? 

Full post, including comments

If they can put a man on the Moon….

by philg

Two talks at MIT this week have been thought-provoking in similar ways.  The first was by a physics professor, Frank Wilczek, who recently won the Nobel Prize for his work on the Strong Force, which holds together quarks to form atomic nuclei.  Wilczek showed some impressive drawings from the latest European particle accelerators in which subatomic particles are smashed together until the quarks start flying out.  (This lecture is available at http://web.mit.edu/nobel-lectures/.)  John Grotzinger, a geology professor, gave a talk about his experience with the Mars Rovers, which found evidence for flowing water on Mars in sedimentary rocks.  The Rovers communicate with an orbiter and can also communicate directly with stations on Earth.  In Grotzinger’s more than one year with the project they’ve never had a communications problem.


So… if human minds can get together to make ever-better particle accelerators, why can’t anyone build a reliable inexpensive nuclear power reactor?  And if the Mars Rovers can call Pasadena, how come nobody with a T-Mobile phone can make a call from most spots on the MIT campus or along Memorial Drive?


In the 1970s people would ask questions of the form “If they can put a man on the Moon, why can’t they do X?”  What would be the modern equivalent?  The one great human achievement of our current decade that can be compared to the lack of accomplishment in most bureaucracies?

Full post, including comments

Business schools redefine hacking to “stuff that a 7-year-old could do”

by philg

When universities created business schools in the 20th Century traditional academics decried the collapse of standards.  Instead of students studying Literature, Art, History, and Science they would be going through the motions of a scholar while occupying their minds with things that formerly had been learned at a desk as an apprentice in a dreary Victorian counting house.  Now in the 21st century the B-schools are degrading the term “computer hacking”.


Here are the facts:



  • Harvard and a bunch of other B-schools with a collective IT budget of maybe $50 million decided that writing Perl scripts was too hard so they outsourced Web-based applications to a company called ApplyYourself.
  • You’d think that the main advantage of a centralized service such as ApplyYourself would be that a prospective student could fill out one application and the information be sent simultaneously to many schools.  However, this is not how it works.  Each school has a totally separate area with ApplyYourself.
  • All the smart young Americans have gone to law, business, and medical school.  Companies don’t like to hire old people (> 30 years) to write computer programs because it saddens them to see old folks doing something so degrading.  Thus ApplyYourself hired whoever was rejected by professional schools to write up some Visual Basic scripts to process HBS and other B-school applications.
  • The ApplyYourself code had a bug such that editing the URL in the “Address” or “Location” field of a Web browser window would result in an applicant being able to find out his admissions status several weeks before the official notification date.  This would be equivalent to a 7-year-old being offered a URL of the form http://philip.greenspun.com/images/20030817-utah-air-to-air/ and editing it down to http://philip.greenspun.com/images/ to see what else of interest might be on the server.
  • Someone figured this out and posted the URL editing idea on the BusinessWeek discussion forum, where all B-school hopefuls hang out and a bunch of curious applicants tried it out.
  • Now all the curious applicants, having edited their URLs, are being denied admission to Harvard and, due to the fact that  universities form cartels to fix tuition prices and other policies, presumably to the other B-schools as well.

One interesting data point is that I once supervised a couple of MIT students building an online system for submission of essays to be graded.  MIT and a bunch of other schools have writing requirements.  Students submit essays.  These are held in confidence from other students.  A subset of users are authorized to grade essays and they are handed essays to evaluate.  One server with a single database is programmed to handle students and evaluators from many different schools and keep everything that should be separate separated.  The students building this system had never programmed in SQL before.  Nor had they ever written a Web script to glue their SQL code to an HTML template.  Nor had they ever written HTML before.  The entire project, which requires the same workflow and main features of the ApplyYourself service, took them three months at 20 hours per week.  Those kids are probably just graduating from med school now and preparing for their careers in radiology…


In the 1960s the term “hacking” meant smart people developing useful and innovative computer software.  In the 1990s the term meant smart evil people developing and running programs to break into computer systems and gain shell access to those systems.  Thanks to Harvard Business school the term now means “people of average IQ poking around curiously by editing URLs on public servers and seeing what comes back in the form of directory listings, etc.”


[Update:  People have been asking me whether I think the schools are justified in rejecting the applicants who mucked with ApplyYourself’s URLs.  Had I been an MBA applicant and heard about this security hole I probably would have tested it out.  Not so much out of curiosity as to whether I’d gotten in but mostly to see if a school with nearly $30 billion in assets really was so contemptuous of quality in IT and also to see just how far the Web development industry has slid from its apex (probably 1994, when 5 reformed Lisp hackers built Amazon.com out of C CGI scripts talking to Oracle).  I did something similar when writing Philip and Alex’s Guide to Web Publishing.  I needed examples of Microsoft Active Server Page source code.  There was at one time a bug in IIS/ASP that enabled anyone to view the source code by appending “::$DATA” to any .asp URL.  Months after Microsoft had released a patch for this bug, I surfed around and found scripts at lots of prominent public servers, some of which scripts contained database usernames and passwords.  I published the results in http://philip.greenspun.com/panda/server-programming#ASP, which was turned into a hardcopy textbook by Harcourt.  So it seems that my curiosity into just how incompetent an institution with $billions in assets could be would have led to me failing the ethics test, being convicted of hacking, and being denied admission to a top business school.


Where would I personally draw the line?  A grad student at MIT figured out that Fandango, the movie ticketing service, was passing the price of the movie ticket as a hidden form variable in the HTML instead of doing the pricing on the server at the final page.  He was able to edit the HTML form in Emacs and submit it to Fandango and buy tickets for any price that he felt was fair (being a grad student, his preferred price for tickets was $0.25).  He invited me to try it out but it but I thought that either Fandango or a movie theater would end up having to make up the difference and it didn’t feel right to take their money.  The HBS/ApplyYourself situation falls into the “poking around with a browser” category where you get to see stuff but the Web publisher hasn’t been injured because they still have the stuff on their server (one of the strange characteristics of the digital age).  As progressively dumber programmers build progressively more complex systems we will see more of this kind of attempt to paper over coding mistakes with lawyers, sanctions, policies, and laws.  Hollywood and the RIAA are usually the most successful at getting the government to do their bidding.  Thus I predict that one day Disney will have a Web site where you can buy access to any of their movies.  Because all of their profits are being used to pay executive salaries this will have to be built at extremely low cost.  Deficiencies in the softwrae will enable vast numbers of Americans to download Bambi for free, their ISPs will be forced to rat them out, and they will all get to see Martha’s Stewart’s cell in West Virginia first hand…]

Full post, including comments

Aerial photos of the spiral jetty in the Great Salt Lake

by philg

Having finally gotten Photoshop scripting sort of under control, http://philip.greenspun.com/images/20030817-utah-air-to-air/ contains some photos of my old airplane flying over the spiral jetty artwork in the Great Salt Lake.  These were taken by Jenny Reinman from a physician-piloted Cessna [a plurality of private aircraft owners seem to be MDs] while her husband Paul Reinman and I flew in the Diamond Star.

Full post, including comments

Syria is able to control Lebanon with 14,000 soldiers

by philg

Syria and Lebanon have been in the news latelyLebanon has a population of 3.7 million.  Syria is able to control these people with just 14,000 soldiers, according to the latest articles, and to judge by the tens of thousands of supporters who rallied today in Beirut, Syrian control of Lebanon is just fine with most of the Lebanese.  This is a remarkable achievement considering that the U.S.-led coalition has roughly 150,000 troops in Iraq for their 25 million people and Iraqis don’t seem to be turning out in any great numbers to show public support for the foreign soldiers to continuing hanging around.  One wonders if we should not have outsourced the Iraq occupation to Syria…

Full post, including comments

How long is the average Internet discussion forum posting?

by philg

A friend of mine who works at a database management system company asked for thoughts on how long a string a database table needs to be able to store, as a practical matter, to serve most Internet programming needs.  This prompted me to do some queries into the photo.net discussion forum.  Here’s my message to him, which I thought would be interesting to nerd readers….


Three basic issues for Web development relating to varchar/clob:


1) Strings are uploaded from a browser-rendered TEXTAREA are of a length that is impossible for the programmer to predict. In a sense, then, every text slot in the database must be prepared to accept a string of arbitrary length.

http://www.cs.tut.fi/~jkorpela/forms/textarea.html#browserlimits reveals that some browsers have limits of 32K or 64K but that as Microsoft and Mozilla get more sophisticated these seem to be disappearing.

2) Software developers of Internet applications are often first-time SQL programmers and sometimes first-time programmers altogether. Unless a DBMS can make CLOBs work with every SQL function and command these novice programmers must learn a whole new computer language, essentially, to deal with CLOBs.


3) Internet applications are often developed using feeble ad hoc tools, such as PHP (my students in 6.171, MIT’s Software Engineering for Internet Applications, mostly picked PHP to do their semester project even though I would have discouraged this, being a mistruster of thrown-together unnecessary new languages). Many of these tools don’t have facilities for dealing with anything beyond the basic SQL data types so they couldn’t use CLOBs if they wanted to.


I think for Web development it is reasonable to expect the average string length from the user to be 300 chars, despite wanting to be prepared for a maximum of 32K or even larger. Oops. Typing that prompted me to do the query (see below). Averaging 2 million messages on photo.net, the correct number is 425. The histogram query reveals that out of 2 million messages over a 10-year period a 32K limit would have resulted in 6 messages being rejected and a 16K limit something like 30 rejections.


If you wanted to implement something like Salon.com as a single RDBMS table for both articles and comments on articles I think a 64K limit might be required. If someone authors a 5000-word magazine article in Microsoft Word and then saves as HTML that will be 25-30k of content plus at least a factor of 2 in HTML tags and other Microsoft-added filler.

http://www.photo.net/bboard/q-and-a-fetch-msg?msg_id=002oFh is an example of one of the big postings on photo.net. It is 37962 chars long, the HTML is very clean (i.e., much less filler than if saved by Word), and yet the page doesn’t seem excessively long.

So… my conclusion from looking at the queries below is that 32K would do the job for a pure discussion forum system and that it would be marginal for storing articles unless a publisher decided that everything should be broken up into “part 1”, “part 2”, and “part 3”. Looking at the .html files on photo.net, the vast majority are in fact under 32K and most are under 64K.


However, if you look at

http://philip.greenspun.com/seia/ the largest chapters are 88.7k.

If you want to facilitate novice programmers building full-scale content management systems where all the content is uploaded from browsers it might be necessary to make the varchar datatype bloat up to 100k-ish. But 32K would be adequate to build something like eBay, amazon (user-uploaded content and much of the publisher content as well), or photo.net discussion forums.


———– some stats from photo.net


select avg(dbms_lob.getlength(MESSAGE)),count(*) from bboard;


AVG(DBMS_LOB.GETLENGTH(MESSAGE))   COUNT(*)
——————————– ———-
        424.672669    2052290


select round(dbms_lob.getlength(MESSAGE),-3), count(*)
from bboard
group by round(dbms_lob.getlength(MESSAGE),-3);



ROUND(DBMS_LOB.GETLENGTH(MESSAGE),-3) COUNT(*)
————————————- ———-
        0  1452035
     1000   510236
     2000    58330
     3000    11972
     4000     3399
     5000     1303
     6000      481
     7000      264
     8000      138
     9000       93
    10000       66


    11000       38
    12000       22
    13000       21
    14000       17
    15000        6
    16000       12
    17000        9
    18000       14
    19000        4
    20000        4
    21000        1
    22000        2
    23000        1
    24000        4
    25000        3
    26000        2
    27000        1
    30000        2
    32000        1
    33000        2
    34000        1
    37000        1
    38000        1

Note:  Oracle did a much better job formatting these in SQL*Plus; for some reason the tabs didn’t carry through after cutting and pasting.


——————————


Epilogue (not from my email to the friend):


Look how much fun it is to program SQL.  Three lines of code and you get an interesting answer (and those three lines would have been much cleaner and simpler if we hadn’t been forced to use the CLOB datatype, which has its own strange accessor functions).  Compare to Java and C where typing until your fingers fall off usually doesn’t result in much of anything.  SQL, Lisp, and Haskell are the only programming languages that I’ve seen where one spends more time thinking than typing.

Full post, including comments