quis custodiet ipsos chief analytics officers?

Cocoa Krispies will make your child invincibleVia my former colleague Luigi Montanez, now of Upworthy, here’s an interesting look at how the media industry is reexamining its use of analytics. The search for more meaningful measures of media efficacy is interesting in its own right. But I think the structural incentives that surround it deserve some attention, too.

It’s worth reflecting on the metrics that have fallen out of style: most notably conversions (how often an online message leads directly to a measurable action) and impressions (how often an online message is seen, perhaps affecting the viewer unconsciously). For the past few years there has been an outsize focus on the level of social activity spurred by a message — though this kind of result is increasingly viewed as a overvalued. In the past few months, there has been growing enthusiasm, including at Sunlight, for measures of how thoroughly a message is considered by its viewer. Upworthy’s attention minutes metric is leading the charge — unsurprisingly, given the organization’s undeniable sophistication at measuring and driving traffic.

Although it would be hard to completely deny a fad dynamic to these successive waves of focus, I think efforts to find better analytics have been driven by good intentions. But I also think these efforts may be leading us to a different future than many imagine. For instance, I wonder if my colleague Eric is mistaking a feature for a bug here:

I can see why Eric thinks black-box metrics would be bad. But the bespoke nature of the new, increasingly in-house analytics trends carries advantages for those creating them. And this isn’t the first time that content creators have evolved toward capturing the mechanisms by which their own success is measured. A little over three years ago, before many of the aforementioned analytics trends occurred, I wrote this:

[B]y all accounts online advertising doesn’t work very well. You can measure whether someone clicks on an ad, and often whether they buy something after that click. But it turns out they rarely do those things. So businesses aren’t willing to pay very much for ad space on websites.

Is it really a coincidence that the advertising medium with the best instrumentation also appears to be the least effective? I suspect it’s not. It may be that ads never worked as well as the industry had told us; or it may be that the eyeballs/clicks/conversions funnel is a naive conceptualization of how the system works. Either way, Google has succeeded by giving advertisers what they think they want, which is analytic tools that seem to reveal that the whole enterprise is horribly ineffective.

I think the push for better tools and more efficient ads is basically a race to the bottom. In fact, less perfect instrumentation might allow the ad industry to capture a bit more revenue from business thanks to decreased efficiency.

The lure of incomparability is very strong. Forget Google AdWords for a moment. Big ad buys are still largely arranged by salespeople, working on commission, making phone calls. And how could it be otherwise, for people in the business of convincing other people? Having objective, universal measures of efficacy is not helpful to that kind of endeavor. Much better to have a measure that works for you, that people are excited about, and that you control. It could just as easily be manipulable circulation numbers as a boutique web metric.

This case can be overstated. As I’ve said, I think people are largely working on these problems in good faith — particularly at outfits like Upworthy, which focus on a social mission; or the journalists I know who have left comfortable jobs because they care about whether their work affects the world.

But the incentives for a metrics Tower of Babel are real. To some degree, they’re even admirable, insofar as they’re driven by varying conceptions of success. Is my goal to make my audience think deeply, talk loudly, or spend freely? All of these can change the world for the better; ad-buyers’ temptation to ask which is best can reasonably be resisted, even if I do a little cherry-picking to make my case.

Besides, if one is prepared, for a moment, to disregard the capacity for world-improvement that widely-viewed and ethically correct publications represent, there’s no real problem here. Advertising often has strongly positional aspects, determining who will come out on top but not the overall level of welfare (a world in which Pepsi is the number one cola may strike some as more dystopian than it does me). Not only that, advertising is in some ways a force that directly opposes human agency — it’s designed, quite explicitly, to turn dollars into altered desires and behavior. I have limited enthusiasm for the kind of improved instrumentation that might let us hone that weapon’s edge even further.

In its most benign form, advertising is a tax on industry that flows according to influences too numerous to understand. There’s an appeal to the idea of rationalizing this process, of making it measurable, quantitative and objective — making it legible, as James Scott might put it. It seems like the result would be more fair. And admittedly, the human systems that make up the alternative are not fair: they’re sexist, racist and elitist.

But I suppose I’m optimistic that those systems don’t have to stay that way. And keeping advertisers confused about what they’re buying might preserve room for some wonderful things. So three cheers for analytic innovation — even if the innovators aren’t wholly aware of what they’re doing.

Flappy Bird and the case for fads

flappy_space_smallIn a tab not far from this one, a small bird orbits an 8-bit Earth on a ceaseless elliptical. I put him there, and feel a certain pride about it. You should launch some birds, too, if only to remind yourself that physics is pretty weird.

Too much has been written about Flappy Bird, but I’m going to pile on anyway: it reminds me of a conversation I’ve had with Kriston (and more recently John Bergmayer). Kriston was complaining about some not-that-great book that was sucking up a ton of public attention. These people could be reading the classics! he said. Or just last year’s much-better crop of novels!

I agreed with him about the objective merits of whatever book it was, but I stuck up for fad-chasing. There’s something great about having everyone settle on a single conversation for a week or two, applying all their capacity for inventive criticism, clever jokes and feedback loops of enthusiasm. Faced with exile on a desert island, I could assemble a media library that was very self-edifying. Faced with participation in culture, I’m happy enough to watch the new season of House of Cards even though it’s sort of garbage. I keep an eye on new album releases for the same reason, even as experience makes each band’s influences and lack of invention clearer.

Flappy Bird is compelling for a number of reasons, foremost among them the narrative surrounding its author and the ineffable appeal of a game with neurologically agreeable physics. But I’m also really enjoying it as a cultural rallying point: the aforementioned orbit game, the MMO, the essays.

Admittedly, this is because, so far, the conversation is mostly among people who enjoy essays and indie games — for me, this is a comfortably skintight demographic. One doesn’t have to look far to find other, grosser avian videogame phenomena.

But for now, and maybe for the rest of its run, it’s something everyone can talk about.

less horrible still!

I’m almost done fiddling with it, I think. Please excuse the infinite scroll effect on the photos. I know it’s tacky.

I will mention one other thing: if you scroll allllll the way down, there is now both a search box and an email subscription option. Since even fewer people use RSS these days than before Google Reader died, it might be of interest to this blog’s profoundly modest readership.

a less horrible theme

Though still quite horrible. I couldn’t stand the old one anymore, though.

I’ve only just begun messing around with customizing this one, so apologies for its work-in-progress nature. I suspect nobody really feels too strongly about it, though.



There are not a lot of flights into Goa, but one of them comes directly from Moscow. This explains a lot. The beach is full of unhealthy-looking Russian women and their monolithic husbands, whose hairless, pressurized torsos pivot atop speedos like artillery turrets. In the afternoon they are as drunk and passed out as our xenophobic cold war stereotypes have promised. Just like those topless glamor shots of Vladimir Putin, theirs is a virile aesthetic almost completely divorced from physical beauty. I’ve found Goa to be a very agreeable place to be carrying ten spare pounds of holiday weight.

But perhaps this is just Baga Beach, where we stayed. A day trip to Anjuna, the purported center of Goan hippie culture, revealed even fewer Russians than hippies. The people on the beach seemed athletic and competent and not in the mood for anybody’s shit. Absurdly, there were even a few joggers. The Bob Marley towels and offers of drugs seemed mostly about delivering the local color promised in the guidebooks. Anjuna is an American beach, a beach from which conference calls have been joined.

Seasides are timeless. The surf is perpetual, very nearly immune to seasons and human meddling. Shells and driftwood and sand are relentlessly ground down in a process that clearly does not require much supervision. Everything about the ocean is, frankly, much too big.

I used to like to sit in front of it and (pretentiously) read Calvino and feel as tiny and quiet and unnoticeable as a stone buried in the sand beyond the breakers. But that was years ago, when my self-regard was still immaculate. Pondering mortality and insignificance was a nice vacation experience once upon a time, but was never any more life-changing than a cooking class.

It’s less fun now. I’m no pebble, I’m just part of a huge herd of mammals, wallowing in the surf and shade and beer like everyone else. It’s certainly still relaxing, but regular life has lost its childish grandiosity and so the old idea of escape feels a bit more desperate. How can you relax when, back home, entropy is increasing?

I went into the Indian Ocean, which I never thought I’d do. The sand was smooth and the waves were like bath water. Soon I found myself amid some Indian boys who were bodysurfing.

Where are you from? USA. He was going there soon, he said, to work for a new company, had I heard of it. I was sorry, I hadn’t. He told me how many lakhs he was going to make. I wished him luck, which his friends thought was funny. I started to head out further and they asked me if I could swim. I told them yes; they seemed disappointed.

My cousins were born here. Or maybe that’s not right. Were they raised here? I can’t remember. One day they arrived at my grandparents’ house on Kenmore Street, in Virginia, so that the process of civilizing them could begin. Within weeks my cousin Emily gave herself a haircut, which became an important chapter in subsequent family lore and cemented a sense of wildness that was probably undeserved.

Why did my aunt go to India, and why did she come back? I’ve never been told and have certainly never asked. I imagine that she was, like many others of her generation, attempting an experiment. Sometimes I worry that its failure has disappointed her since.

My cousins seem none the worse for it, though. They are now implacable Vermonters, wise and capable and, if one insisted on naming a fault, perhaps even too strong for their own good. Just like their grandmother, and her grandmother. A generational displacement as geographically and culturally vast as possible couldn’t dislodge their destiny. At times I find this immensely reassuring.


The guidebooks try to be polite about it, but they don’t have many compliments for Bangalore. They have to admit it’s not great for temples or monuments or palaces. But they hasten to note that it’s clean! And wealthy! If Lonely Planet were about Victorian ladies instead of cities, Bangalore’s fluency in French and skill at the pianoforte would be discussed extensively.

This city has been gentler to me than I’d been told to expect. There is dizzying traffic and choking smog, but it’s navigable. There is horrible poverty and software-driven wealth — authors of Medium posts about San Francisco’s spiritual destruction via Google Shuttle will find much to like — but so far my heart is only being broken once every ten miles or so. The taxi drivers don’t seem to see enough tourists to know how to properly gouge us. And gastrointestinally, I am at the part of the cartoon where the coyote opens a clenched eye and begins to chuckle nervously, thinking the bomb must be a dud.

So I’m not as overwhelmed as I might be. But the experience has still been satisfyingly foreign.

I finished rereading Jonathan Strange & Mr. Norrel shortly after landing, and this passage seemed about right:

They had been recommended to a hotel in Shoemaker-street which belonged to a Mr Prideaux, a Cornishman. Mr Prideaux’s guests were almost all British officers who had just returned to Portugal from England or who were waiting for ships to take them on leave of absence. It was Mr Prideaux’s intention that during their stay at his hotel the officers should feel as much at home as possible. In this he was only partly successful. Do whatsoever he might, Mr Prideaux found that Portugal continually intruded itself upon the notice of his guests. The wallpaper and furnishings of the hotel might all have been brought originally from London, but a Portuguese sun had shone on them for five years and faded them in a peculiarly Portuguese manner. Mr Prideaux might instruct the cook to prepare an English bill of fare but the cook was Portuguese and there was always more pepper and oil in the dishes than the guests expected. Even the guests’ boots had a faintly Portuguese air after the Portuguese bootboy had blacked them.

I think this unavoidable, insistent foreignness can be illuminating. There are layers to the effect.

In the old days, before anyone knew what yeast was, styles of beer came from specific places. The critters in the air and the minerals in the water determined the options available to a brewer. That pilsners came from Pilsen was an immutable feature of the world, not just clever coordination by the Pilsen Chamber of Commerce.

Maybe foreignness begins with these biological conditions. They’re no more detectable by a tourist like myself than they were to medieval brewers (although I’m told I would certainly come to notice something if I drank the tap water). But they’re real and they must shape the environment surrounding me.

Those contrasts make me begin to wonder about how I’ve been shaped by similar forces at home. Sometimes, at the gym, I’ll work out next to someone and notice that their sweat smells of berbere. It’s a physical manifestation of how saturated they are by their culture.

Of course I can only detect this because my own culture is different. I’m no less steeped. Supposedly when Westerners first came to Japan, the islanders couldn’t bear the visitors’ stink. “They smell[ed] of butter and fat.” I wonder what I’m suffused with; what I smell like to the people here. Even my friends say that Subway stores smell awful, which is worrying.

The opportunity to reflect on these contrasts is what I like I like about travel (communication technology’s erosion of the case for sightseeing is hugely underconsidered). But these contrasts are growing duller, aren’t they? It’s banal to lament the homogenizing effect of global commerce. I wouldn’t want to claim there’s anything principled about my supercilious yuppie dismay at the prospect of a Bangalore Baskin-Robbins.

But the larger phenomenon seems real enough. How distinctive can a global set of cultures remain when their TV producers are all ripping each other off at internet speed?

Conscientious citizens of the universe will already be familiar with the wikipedia article about its heat death:

From the Big Bang through the present day and well into the future, matter and dark matter in the universe are thought to be concentrated in stars, galaxies, and galaxy clusters. Therefore, the universe is not in thermodynamic equilibrium and objects can do physical work.

Why can anything happen at all? Because there’s more of something in one place than another. Charge, pressure, heat — any one of them out of equilibrium, and it’s able to be harnessed for work as it seeks balance.

It’s tempting to apply this metaphor to society: imagining that the diffusion of concentrated idiosyncrasy is the only means by which cultural invention can be pushed to an acceptable pace. The transmutation of African-American musical traditions into pop genres; the adoption of anime tropes by American filmmakers; the dizzyingly reciprocating cross-pollination that produced the Gangnam Style fad single; fusion cuisine.

Is cosmopolitanism another word for entropy? Is a Diplo mixtape analogous to an exploding oil tanker? This is not a cheerful idea — it’s a prediction of eventual globalized monotony and stagnation — but it does seem compatible with Kurt Andersen’s ideas about postmodern exhaustion.

And it could serve as a framework for understanding which parts of globalization we should resent. If cultural distinctiveness is a resource we spend it should be spent on worthwhile pursuits rather than on selling hamburgers and cola; just as we should burn petroleum to empower humanity rather than to power larger SUVs.

Admittedly, this idea is also compatible with an ugly primitivism. I don’t mean to do that. I don’t want to be tempted into imagining that India (or any place else) is some sort of wellspring of authenticity; its colonial history makes that idea laughable. Besides, it seems impolite to insist that other societies act as cures for our neuroses.

But if I squint I can imagine India as an engine, doing fascinating things as it burns away the divisions between east and west and other places beside. I wonder if it will ever run out of fuel.

in honor of CES

Let us revisit the opening paragraph of The Hitchhiker’s Guide to the Galaxy:

Far out in the uncharted backwaters of the unfashionable end of the Western Spiral arm of the Galaxy lies a small unregarded yellow sun. Orbiting this at a distance of roughly ninety-eight million miles is an utterly insignificant little blue-green planet whose ape-descended life forms are so amazingly primitive that they still think digital watches are a pretty neat idea.

If I squint just right I can almost, almost talk myself into believing that smartwatches will be useful. But this is a personal failing.

My Dumb Raspberry Pi-powered Fantasy Football Trophy

Well, another fantasy football season is behind us. I entered the season as the reigning champion and left it as the… not champion. It would be churlish to try to make excuses for my poor showing. So instead I’ll simply note that there is an ongoing, pressing need for organ donors in this country, and many of my fantasy players’ families are proud to have done their part. My heartfelt congratulations to Ben on his apparent championship and the masterfully subtle campaign of cheating that must surely lie at its foundation.

But the season did have a few bright spots, even beyond the news that my WR1 is expected to walk again. In particular, I embarked on a semi-ridiculous project to build a Raspberry Pi-powered fantasy football meter. It worked out pretty well!

I should probably begin by assuring you that I’m not actually all that maniacal about fantasy football. It was a purchase that spurred this project: a few months back I bought a big lot of antique electrical gauges on eBay.

(OK, actually I bought two lots.)

Since then I’ve been building some little projects with them using Raspberry Pis and lasercut wooden enclosures. The fantasy football meter is one of the more grandiose examples.

The top gauge measures my ranking in the league. The bottom gauge measures how many points ahead or behind I am at the moment. I realize that this is deeply stupid.

It’s fair to say that I have been working to (slowly) accumulate the expertise necessary for these projects for more than half a decade. It’s made me really, really wish that I had taken some electrical engineering classes in college.

Still, I’ve learned a lot during this process! So why not blog about some of those things?

Cut A Hole In The Box

3D printing gets a lot of attention, and it is indeed frighteningly neat. But for my money a good old-fashioned robotic lasercutter is even more exciting. Anyone who has turned an IKEA flat-pack into an unattractive wine rack will be familiar with the basic principles underlying my approach.

Conceptualizing the transformation from two to three dimensions is trivially easy for some people and essentially impossible for others. I fall somewhere in the middle, and find that I am best served by workshopping a given geometric idea under a variety of pharmacological conditions — specifically alcohol, caffeine and post-workout endorphines. Probably there is some nootropic cocktail available on the streets of San Francisco that delivers innovative furniture design insights and permanent synaptic damage instantaneously, but I’m uncool enough to require lengthy periods of mulling instead.

I would dearly love to employ interesting woodworking techniques, but working in two dimensions more or less mandates the use of finger joints. And really, that’s fine. The one thing you have to watch out for is kerf. Lasercutters work by vaporizing a small amount of material. The width of this area — called kerf — usually amounts to just a tenth or fifth of a millimeter, but it does add up.

I’ve written some python scripts to help generate finger joint geometries that account for tedious kerf calculations automatically. They do require quite a bit of fiddling and subsequent modification in Illustrator or Inkscape, but they work well enough. A nicer online application can be found at makercase.com, but I know my code and like it well enough.

I used Ponoko for this particular trophy, and they provide a wonderful service. But HacDC now has a lasercutter, and though it’s less powerful, you can’t beat the price and turnaround time. I’m still experimenting with materials, but have purchased a bunch of stuff from laserbits.com that I hope will produce good results.

Raspberry Foray

I’ve spent a lot of time playing around with Arduino, and the experience has taught me a lot. But if you want to connect to the internet — and look at you, of course you do — you’re going to want to turn elsewhere. I spent quite a bit of time on the BeagleBone, and I admire its commitment to openness.

But there is no competing with Raspberry Pi right now. It wins on price. It wins on its choice of native distro. Most importantly, it wins on community. Next to these things, its just-OK (nongraphical) technical capabilities are afterthoughts.

Still, making the damn thing useful in embedded applications takes some thought! I have condensed a number of these lessons into this repo. You might want to borrow parts of it (you probably won’t want all of it). Among the things the bootstrap.sh script and its siblings accomplish:

  • Installs Bonjour so you can get to the Pi without looking up its DHCP-delivered IP address
  • Gets a decent Python environment in place, complete with virtualenv
  • Installs the wiringpi and wiringpi2 libraries, which are what you’ll want to use to control the General Purpose Input/Ouput (GPIO) pins on the device
  • Sets up my default wifi networks. Whoops! You probably don’t want that. But use this /etc/network/interfaces and /etc/wpa_supplicant/wpa_supplicant.conf file templates to get yourself online. Note that you can have more than one network={} statements in the latter.
  • Gives my SSH key root on the system. You probably don’t want that either.
  • Turns off the swap file. Swap files are the means by which your disk impersonates RAM to expand your system’s capabilities. It’s a super-neat idea in general, but less so if your disk self-destructs the more often you write to it — which is indeed the case with a flash SD card. You should find a way to make do with physical memory. I’ve gone through a lot of SD cards.
  • Relatedly! And not present in this install script! You should turn off journaling in the filesystem. Instructions can be found here. Journaling is a neat idea by which every change to the filesystem is first cached in a central location before being executed as a transaction. This allows for graceful recovery from a number of failure modes that can occur if an operation that requires multiple steps — and which really, really needs to complete all of them for things to make sense — is abruptly interrupted by a power loss or other failure. But that caching requires a ton of writes to disk, and will burn up your SD card in short order. You’ll just have to get by without journaling, and commit to pulling the power as little as possible
  • The script also turns on the watchdog module in the Broadcom processor that lives at the heart of the Pi. This is a little piece of hardware that listens for a heartbeat signal from the system and, if it doesn’t hear one, reboots everything. Step one is turning on the hardware; step two is setting up the heartbeat. This can give your system a gentle kick when something you’ve done screws it up.
  • Want to install a Python script in your virtualenv as a system service that starts at boot? I’ve made that fairly simple, though the script does bake in a few assumptions about your directory structure.
  • Optionally, this script will help you set up outbound mail via your Gmail account
  • Finally, there’s a script to install an ARM processor-compatible version of PhantomJS. More on that in a sec.

Some things are best done once, however. For a long time I installed whatever the latest Raspbian image was, then went through the raspi-config script (which launches automatically on the first boot) and then ran my bootstrap script.

This takes forever, though. I got particularly sick of reconfiguring raspi-config to expect a non-UK keyboard.

But creating a new and improved disk image eluded me for a while. Installing all the aforementioned junk requires that you expand the filesystem to use more of the SD card (the default uses only 2GB). But if you use the dd tool to image the result, it’ll show the full size of the SD card. And an image of one 4GB SD card (for instance) won’t necessarily fit on a different model or brand of 4GB SD card. (You should be using 8+GB cards anyway, to minimize system failures due to repeated writes to the same sector.)

The solution: expand the filesystem manually to 3GB or so. Use raspi-config to assert your American independence. Get everything set up. And then record an image using something like this:

sudo dd if=/dev/disk1 of=preconfigured_raspberry_pi.img bs=1048576 count=3000

This instructs dd to copy from /dev/disk1 in 1 megabyte chunks, and to pull three thousand of them. The remaining five thousand or so (on an 8GB card) can simply be ignored, I think? Honestly, it’s a bit difficult to keep track of which levels of filesystem abstraction and definition are included where. Perhaps those missing five thousand megabytes will come back to haunt me someday. But not yet.

Somehow the Vital Connection is Made

All of the above gets us a wooden box and a cheap and useful Linux environment. How do we make it actually translate Things On The Internet into a dial moving… somewhere?

Well, first you’ll need a wifi adapter. I tend to buy this one, which is tiny, less than ten dollars, compatible with the Raspberry Pi default distro without any additional drivers, and can mostly connect to wifi networks without exceeding the Pi’s rather wussy USB power capabilities. But there are other perfectly fine choices out there.

Getting wifi working on Linux is awful under the best of circumstances, but when done without a GUI it easily competes with the most imaginative punishments Greek mythology can offer. Please, please use the /etc/network/interfaces and wpa_supplicant.conf patterns linked above. For me, they’re the culmination of more than a year’s worth of trial and error across multiple embedded systems (next time you see me, ask to see my FUCK CONNMAN tattoo). Others will have wisely gone straight to LadyAda’s excellent series of Raspberry Pi lessons, from which this solution is cribbed.

But wifi connectivity is only the beginning.

A Ghost Is Born

Fantasy football is one of those strange areas of human endeavor in which Yahoo is successful. It’s free and it’s what my friends and I use, anyway. And it’s comforting to begin to know the annual rhythms: unnecessary redesign, mobile app flakiness, disastrous week 1 server outage, ensuing apology, eventual system stability. I look forward to repeating the cycle next year.

Alas, the API seems basically useless for anything beyond establishing that Yahoo runs a fantasy football service. So we’re going to be screen-scraping, navigating and disassembling messy HTML pages in just the same way that your browser does.

This is not a reliable process. Worse still, Yahoo counts on tons of Javascript to render portions of the page after the initial HTML has been delivered. Knowing what is supposed to happen after that point requires a Javascript interpreter, which is a sophisticated piece of machinery beyond most scripting environments. Instead, you have to connect your script to a browser and ask it, intermittently and politely, what the hell is going on right now.

This task used to be so hellaciously finicky that I’d never gotten it to work. But Phantom.js has removed most of those difficulties, and as I mentioned above, there’s a compiled version for Raspberry Pi which can simply be copied onto the device and used. I employed the Selenium Webdriver interface, but mostly because of peer pressure. I’ve been hearing good things about Casper.js.

Yahoo ensures that this will not be the end of your woes, but I’ve encoded a number of hard-fought lessons in this Python class, and will probably update it once the 2014 season redesign arrives and breaks everything. (The rest of the code for the meter is here, incidentally.)

Moving the Needle

The last piece of the puzzle: making the damn needles move. Most of the excitement is already recorded in this post. But in short: microcontrollers are all-or-nothing beasts, setting output pins to zero volts or ALL THE VOLTS (3.3 in the case of the Pi). But they can approximate intermediate values by turning a pin on and off very rapidly, with the ratio of on:off determining the voltage that’s being approximated. This is called pulse width modulation, and the Pi has built-in hardware that allows it to deal with this constant switching without expending any brainpower — but only on one pin.

Luckily, the wiringpi library has included as sophisticated a system for additional, software-controlled pins as one could hope for, though each additional pin comes at the cost of a bit more CPU utilization. Fortunately we only need two for this meter (the -100 to +100 meter is actually set up to behave as if it’s two separate meters).

The vintage gauges themselves are not configured for 3.3v, of course. But that’s where trim potentiometers come in:

Those little blue and white dials labeled 1, 5 and 6 are the trim pots in question. Some trial and error can deliver resistor levels that max out the meter’s range without overpowering it. The gauge’s response might still not be perfectly linear, but that’s where this little library comes in.

Wrapping Up

All that’s left is to add a little flair:

Ben will get a plaque now, too. I guess.

how scared should you be of your webcam?

Yesterday Tim Lee and Ashkan Soltani reported a surprising and alarming revelation: some webcams can be activated without their accompanying light being turned on. This means it’s conceivable that criminals or government agents could compromise your computer and take surreptitious pictures of you. It’s a frightening prospect.

It’s also one that I had more or less deemed impossible based on what I know about electrical engineering. I owe Tim and Ashkan my thanks for teaching me something new.

But I think it’s worth delving into exactly what makes this attack possible. The paper their story focuses on concerns one particular attack on one particular type of webcam. Left unanswered is whether vulnerabilities like this one are commonplace. Examining how this attack works can provide some reassurance about engineers’ good intentions, but leaves plenty of reasons to worry about their insufficiency.

You can find the paper detailing the attack here (thanks, guan!).

Before we walk through how the attack works, let’s establish our cast of characters — one that’s slightly simplified relative to the specifics of this attack, but which will suffice for our purposes.

First, there’s your computer. It looks like a computer, and behaves in a computerlike fashion.

Second, there’s the webcam microcontroller. This is also a computer! But it’s a much tinier, lousier computer — one that fits on a single microchip. Still, it can run programs, and it can talk to your computer. And we’re not going to ask it to do very much: mostly it’s just supposed to manage the other components in the webcam and report their outputs back to the computer when asked.

Third, there’s the image sensor. It’s digital and electronic, certainly, and it even speaks binary code and executes commands, but it doesn’t run arbitrary programs. It does have internal states and settings, though — it’s not a completely passive, memoryless device like a lightbulb or motor.

Here’s the key diagram from the paper:


On the bottom is the microcontroller. On the top is the image sensor. There is a connection between the two of them labeled “standby”. When operating normally, the image sensor will go into standby mode whenever the microcontroller sends a voltage to this connection.

On the right side of the diagram is the LED. Its input side is connected directly to the system’s power source (Vcc), and its output side is connected to the “standby” line. A circuit can only do work when energy flows through it, so when both sides of the LED are set to the same voltage — when the standby line is “high” — no current will flow and the LED will remain dark. When the voltage on this connection is low, the image sensor will emerge from standby mode; current will flow from Vcc, through the LED and out the “standby” line; and light will be generated.

This is a pretty good system! The LED’s function is tied directly to something that enables or disables the image sensor. This arrangement can’t be undone without cutting wires. Really, that “standby” line looks a lot like a power switch.

But it isn’t. The image sensor was designed to be a flexible component that might be used in many different configurations, not just the iSight. This is the norm in electronics, with a few exceptions like the custom chips that Apple designs for its iPhones. In this case, the image sensor can be configured in different ways by sending it different setup commands from the microcontroller. One can imagine modes for “low light” or “video” or “grayscale”, but there are also numerous esoteric settings that are only useful to engineers. In the case of this particular image sensor, it’s possible to tell it to ignore any signals it sees on its “standby” pin.

This probably sounds pretty outrageous, but it’s not hard to imagine configurations in which this capability could be useful. When prototyping a circuit, minimizing the number of features and connections that must be used can make the process faster and simpler. In some applications the image sensor might be on all the time, making a usable “standby” line irrelevant (or, if not properly grounded and shielded, even a source of buggy behavior).

Alternately, it might seem outrageous that the engineer designing the webcam system overlooked this capability in the image sensor. This is a stronger argument. But this is an easy mistake to make.

Here’s the datasheet for the image sensor. At 61 pages it’s not especially long (microprocessor datasheets can be thousands of pages), but I think you’ll agree that it’s not the easiest thing to read. What you probably can’t see is that datasheets are often riddled with errors. They are usually written by engineers, which produces a terrible product but is better than the alternative. As you might imagine, the result is more or less impervious to editing and verification by humans. Datasheets for very popular or venerable chips can be very good, but for complicated, new or little-used products, they can contain serious problems. Partially for this reason, datasheets often contain information about “reference implementations”: partially or wholly built systems that show how the component is supposed to be used with a minimum of complicating details, and which engineers are implicitly encouraged to follow without question.

None of this excuses the webcam engineer’s failure to foresee this security hole. But you can imagine how it happened. Having someone manipulate this completely undocumented hardware system, reprogramming a microcontroller to, in turn, reprogram an image sensor to use a counterintuitive operational mode that (for all I know) might be completely idiosyncratic to this image sensor chip? It’s tough to get too angry over someone’s decision to spend their time on other problems.

Is this comforting? Sort of. It’s an awfully specific vulnerability. It’s pretty easy to see how to design around it (use the LED to test for power to the image sensor, not the state of its standby line; harden the microcontroller’s programming; the paper’s authors discuss a number of possible remedies and the occasional tradeoffs they entail). It’s clear that the engineer was trying to tie the LED’s activity as closely and irrevocably to the image sensor’s operation as he could, which is the right idea. We have no specific reason to think that similar bugs are present in other webcams that use different chips or have more careful authors.

Still. This is a reminder that the systems we use are wildly complex, executing code in many more places than just the CPU. And it’s increasingly clear that many of those places have never been scrutinized for vulnerabilities. It’s cheering to see security researchers uncover these problems, but criminals and governments have vastly greater resources and incentives to pursue this work, and have had plenty of time to do so. Some masking tape might not be a bad idea.

teaching everyone to code is a fine idea

I often find myself defending Sam Biddle’s brand of Silicon Valley nihilism to Matt, so I’m sort of surprised to see us switching sides: today Matt joins Sam in deriding President Obama’s calls to teach schoolkids to program. He’s not alone! I think Matt’s specific objection doesn’t get us very far — some students’ failure to attain basic skills doesn’t really tell us all that much about what should be included in a general curriculum, just as the continued existence of murder doesn’t tell us much about the wisdom of enforcing speed limits.

But it is worth spelling out the case for teaching people to code. It’s not because we expect them to become programmers. We don’t expect every student in English class to write a novel or every student in Trigonometry to wind up manipulating triangles for a living. We certainly don’t expect every kid in music or art class to carry those skills beyond the classroom, or even to achieve proficiency within it.

Rather, we teach those skills because they are varyingly enriching and instructive windows onto reality and culture. They help kids navigate the world. In a few cases they’ll wind up being of practical value or make for a fulfilling hobby. But mostly they’re about building competent and intelligent human beings.

Coding qualifies. I still distinctly remember programming my grandparents’ VCR for them — a cliche of childhood technical affinity, yes. But also an instructive experience! Why was the schedule set with a 24-hour clock scheme? Why were the on-screen fonts the same across different brands of VCR? What the heck was the difference between SP, LP and SLP? The answers involve the nature of modulo arithmetic, the electronic industry supply chain and electrical engineering practices, and some pretty fundamental concepts from information theory. Some of these revealed themselves quickly; others came decades later. Gaining that simple, unimportant technical skill gave me a window into how engineers’ minds work and how the constraints imposed by physical reality shape the systems they build.

Without realizing it, the simple daily use of technology imparts lessons about data normalization, computability and signal processing. Stitching these hunches together with a light classroom introduction to the procedural nature of Turing-style computation is not a bad idea. It’s also not a trivial idea — some people think this perspective has enough explanatory power to describe the entire universe.

Nor is it of merely intellectual interest (though I’ll happily admit that I do find it deeply intellectually rewarding). In the same way that the economic perspective has largely triumphed over other dialectic forms in our culture, our physical environments grow ever more engineered. And engineering grows ever more digital in nature. Understanding how those processes work at a fundamental level is an increasingly necessary precondition to deciphering our deeply unnatural world.

Do you want to be able to quickly use a new product? Or organize a spreadsheet so that it will be useful later on? Do you want to know why your partner missed that SMS, or why the football broadcast looks blocky? Do you want to know what to fear, and when you’re being lied to, and how?

Learning to code “hello world” won’t guarantee you those answers any more than it’ll guarantee you a job at Facebook. But it isn’t a bad place to start.