Archive for the ‘English’ Category

Ficha de D&D 3.5 em Português (Devir)

January 11, 2015

Cansado de baixar aquela porcaria de ficha que a Devir disponibilizou em seu site junto com a publicação do D&D 3.5? Aquela com marcas de corte nas bordas para a gráfica? Aquela, que quando você imprime, a ficha aparece encolhida no meio da página?

Seus problemas acabaram! Aqui está a mesma ficha em PDF, só que com página A4 e sem as marcas de corte. Perfeita para você que vai imprimi-la em casa, e não numa gráfica:

Ficha D&D 3.5 boa

Advertisements

Announcing libestream

May 10, 2013

Block ciphers, like AES, are not the best thing around for secure communication, for they require an mode of operation in order to be properly used — which adds complexity, thus is itself a source of problems, see, for instance, the BEAST attack. Also, block ciphers are designed with reversibility guarantees that makes their execution cost very high compared to specialized solutions for communication: the stream ciphers.

But the only stream cipher algorithm in widespread adoption by 2013, called RC4, is old and broken in many ways. Due to its weakness, WEP WiFi protection is broken. While many cryptosystems relies on it for security, RC4’s shortcomings are rendering these systems increasingly fragile, specially due to its recent surge of popularity when people could not count on AES on SSL anymore due to BEAST attack, exposing RC4 to even more cryptanalysis.

To offer an alternative to RC4, European Union’s ECRYPT launched the eSTREAM project in create/find, analyze and select the next generation of stream ciphers suitable for widespread adoption. The project was concluded in 2008 and recommended 4 stream cipher algorithms suitable to be implemented efficiently in software: HC-128, Rabbit, Salsa20/12 and Sosemanuk.

Despite the time since initial publication of eSTREAM, their adoption goes at very slow pace, with very few implementations besides the reference one. In a modest attempt to encourage the adoption and facilitate the usage of these algorithms, I have developed libestream. It is a free pure C library featuring all the eSTREAM software profile algorithms written from ground up based on the specifications. It provides a clean interface directly to the algorithms output and a more general interface that buffers their outputs and apply sequentially to stream chunks of any size.

It also features, for sake of completeness, a partial implementation of UMAC, a message authentication code (MAC) algorithm, that together with any of the ciphers are sufficient to sign/authenticate the chunks of (or the whole of it) encrypted stream, considering that stream ciphered messages should not be transmitted without a secure authentication method.

Amigos de Bolso™ contra o BitCoin

January 6, 2013

Após um Amigo de Bolso™ do Izzy me apontar o link [ Dossiê HBD ] Bitcoins, a moeda do futuro (no presente é só uma piada mesmo), por ser de tantas maneiras impreciso e tendencioso, resolvi publicamente discordar e replicar nos pontos pertinentes.

Sendo um conhecedor do BitCoin, logo na introdução do artigo fiquei sem entender as alusões do tipo “pífia e juvenil tentativa”, “célebre motivo de chacota” e “lorota financeira comparável a Herbalife”. A alusão a lorota financeira se fez claro mais abaixo quando o autor descreveu sua visão sobre o tema, bem como a “chacota”, já “pífia”, “juvenil” ficaram injustificados, principalmente pelo fato de o próprio autor ter admitido a importância do BitCoin para atividades ilícitas. Pode não ser idônea, mas de maneira alguma é “pífia” ou “juvenil”.

O que é BitCoin?

Um erro menor do autor nessa seção foi dizer que BitCoin é uma moeda “criptografada”. Nada no protocolo do BitCoin é criptografado, nem há nenhuma necessidade implícita de criptografia para seu uso e funcionamento. Entretanto é uma prática comum para os possuidores de BitCoin criptografarem sua carteira para impedir acesso indevido, exatamente da mesma maneira que criptografamos arquivos importantes, comunicações de email e transações bancárias, o que portanto não justificaria chamar a moeda de “criptografada”.

Mas o erro principal foi outro: implicar que o criador do BitCoin tivesse objetivos conspiratórios ocultos aos criar a moeda, sem levar em conta o adjetivo correto que deveria ter sido usado em lugar de “criptografada”: “distribuida”. BitCoin é acima de tudo, uma moeda distribuída, sem nenhuma autoridade central, sem nenhum controlador implícito ou explícito. Toda a infraestrutura de software que possibilita seu funcionamento é livre, modificável e aberto para auditoria. O que evita fraudes é o consenso gerado pela rede BitCoin, ninguém ou nenhuma instalação especial de software ou servidores tem autoridade para ditar os rumos da moeda, criá-las espontaneamente ou alterar seu valor. Nem o criador, nem ninguém. O processo de funcionamento das BitCoins é completamente aberto, auditável e consensual; não tem ponto central.

Não importa os objetivos do criador do BitCoin, porque ele não tem mais nenhum controle sobre a moeda. Ela foi criada para ser incontrolável, e só ganhou popularidade por isso: não foi um cara que disse “ela não está sujeita a ninguém, confiem em mim”, foi que cada indivíduo que analisou a fundo seu processo de funcionamento e acreditou, atestou que assim o era (e ainda hoje mais e mais pessoas o fazem e o atestam).

Como as bitcoins (não) funcionam?

Essa foi a sessão mais errada e distorcida de todo o artigo, e de certo modo justifica a visão do autor de “lorota financeira comparável a Herbalife” sobre o BitCoin.

Explicando realmente como as BitCoins funcionam: você tem BitCoins em sua carteira, que pode ser um programa no seu computador ou uma conta em alguns dos sites que oferecem serviço de carteira BitCoin. Lá estão armazenadas suas BitCoins. Quando você quiser pagar por algum bem ou serviço, você coloca o endereço do destinatário, digita o valor a ser enviado, e clica para enviar a transação pela Internet. Dentro de alguns minutos sua transação será validada e confirmada pela rede.

No caso inverso, você tem dinheiro a receber, você clica em um botão na sua carteira para gerar um endereço de pagamento (um código do tipo 13bbGCsjo5RrByDdQovxLwhquzDyTbHG7Q) que você envia ao seu pagador para que ele possa efetuar a transação.

Simples assim.

Agora, realmente existe o processo de mineração de BitCoin como mencionado no artigo do Izzy, mas dizer que “você baixa o software oficial da parada e a roda no seu computador. Dependendo da potência do mesmo […] você vai ganhar algumas frações de bitcoins após rodar o aplicativo por algumas horas” é tão preciso quanto dizer “existe um metal que vale muito dinheiro chamado ouro e tem ele enterrado. Funciona assim, você pega uma picareta e cavuca a terra, e algumas horas depois você acha alguns microgramas de ouro”.

Ainda tem um erro menor nessa afirmação, que diz que o software tem que ser o “oficial”, decorrente da mentalidade de que o BitCoin é um esquema fraudulento controlado por algum grupo restrito de pessoas. O processo de mineração de BitCoin foi criado de modo a ser matematicamente garantido de ser difícil, e portanto dar valor à moeda (lei econômica: quanto mais raro, mais caro). O processo utiliza um algoritmo padrão para este propósito, o SHA-256, projetado pela NSA. Por ser um algoritmo muito comum e conhecido (eu o aprendi pela Wikipédia), é relativamente fácil escrever um minerador, e existem dezenas deles, com zilhões de funcionalidades e propósitos específicos. Se você for se aventurar a minerar, o último que você vai querer é o “oficial” (o primeiro minerador feito; chamá-lo de lento é bondade, ele é completamente inútil na economia atual do BitCoin).

O processo de minerar BitCoin é oneroso por causa do hardware necessário, barulho e calor gerados, energia consumida (e poluição gerada, dependendo da fonte dessa energia). Acreditar que vai ganhar dinheiro fácil com isso é igual acreditar que você vai ficar rico se pegar sua picareta e ir para alguma corrida do ouro na Amazônia junto com mais zilhões de pessoas que tiveram a mesma ideia, e montam aqueles acampamentos de mineiros cheios de miséria e prostituição que as vezes passam na Globo. Minerar BitCoin não funciona assim, exige planejamento, recursos, e as contas na ponta do lápis, e isso é facilmente visível para qualquer um que não acredite em esquemas de pirâmide. Aparentemente a ira do Izzy vem do fato de isso não ser nenhuma fonte mágica de dinheiro, como ele talvez um dia quis acreditar que fosse, e agora sai atacando.

De fato, pela inexorável mão invisível do nosso amigo Adam Smith, mineração de BitCoin nunca poderá ser uma atividade mais que muito pouco rentável, por que quanto mais gente tiver minerando, mais difícil fica, atingindo um ponto de equilíbrio onde só é rentável o suficiente quando gente suficiente desiste por acreditar que não vale a pena o esforço. Certamente para mim não vale o esforço de sair numa corrida do ouro, e para muita gente não vale o de minerar BitCoin.

Como apontado no artigo, é verdade que a moeda é muito instável e tem grandes variações de preço, por isso é considerada um investimento de alto risco para especuladores (se se pode ganhar muito, se pode perder muito), mas isso é devido à sua idade e seu relativamente baixo volume de utilização.

Pera, um ex-site de Magic é o “Banco Central” dessa parada? Isso não me parece muito seguro.

O Mt.Gox não chega nem de perto a ser o “Banco Central” do BitCoin, pois a função do Banco Central é emitir e controlar artificialmente o preço da moeda, e isso não existe no BitCoin. O Mt.Gox está mais para a NASDAQ do BitCoin, pois é a maior bolsa de valores que negocia a moeda.

E sim, é insegura, volta e meia vemos sites que lidam com grandes quantidades de BitCoins são invadidos e roubados, ou então os dados são perdidos. Infelizmente isso é uma limitação do BitCoin como um conceito novo com somente 3 anos e poucos de existência: as instituições que lidam com os valores não estão acostumados com a segurança e procedimentos exigidos na atividade financeira, e não adotam procedimentos de segurança desenvolvido a duras penas ao longo dos anos pelas instituições financeiras convencionais. Essa falha não é inerente da moeda em si. A revista Forbes já apontou estes aspectos da segurança do BitCoin, e também já foi rebatido.

O mais interessante é ver o autor acusar e desconfiar das instituições que lidam com BitCoins, e principalmente explica o aspecto da “chacota” mencionada na introdução. Aparentemente, por não serem grandes e super poderosas corporações como os bancos internacionais (que já quebraram o mundo mais de uma vez) que estão por trás do BitCoin, mas sim sites simples, evoluídos de mercado de trocas de cartas de Magic, e pessoas simples e normais com os quais nos identificamos que estão lucrando com o BitCoin, o autor ataca, faz chacota e acusa de má fé e corrupção essas pessoas, quase como se tivesse inveja, e quisesse ele ter tido a ideia e lucrado com o BitCoin antes/no lugar deles.

A própria acusação de corrupção contra o sujeito Bruce Wagner (que eu nunca tinha ouvido falar, e não tem a menor importância na economia e continuada utilização do BitCoin) referencia um site dedicado a chacotas sobre o BitCoin, o ButtCoin, que a propósito, foi encerrado aparentemente por falta de ibope.

Quanto a afirmação de que o Banco Central Europeu diz que o BitCoin tem semelhanças com esquemas de pirâmide, é simplesmente falso. Segue o único trecho que a palavra “pyramid” é mencionada:

“Therefore, although the current knowledge base does not make it easy to assess whether or not the Bitcoin system actually works like a pyramid or Ponzi scheme, it can justifiably be stated that Bitcoin is a high-risk system for its users from a financial perspective, and that it could collapse if people try to get out of the system and are not able to do so because of its illiquidity.”

Preguiça de traduzir à parte, o trecho justifica o quão arriscado pode ser para uma pessoa se meter com BitCoin sem entender como ele realmente funciona (opinião de um Banco Central; claro que muita gente que já se fudeu por causa de um banco convencional poderia dizer a mesma coisa sobre eles), mas diz explicitamente que eles não tem nenhuma dado para considerar o BitCoin como um esquema de pirâmide; é quase o oposto do que o Izzy falou. Ele só levanta a possibilidade de, caso as pessoas desacreditem do BitCoin e não queiram mais comprá-lo, você não poderá mais vender o que você tem por dinheiro convencional. O mesmo risco que os investidores de ações correm caso todo mundo ache que as ações da Petrobrás não tem mais valor e param de querer comprá-la.

Mas Izzy, um broder meu que manja dessas coisas e é super politizado falou que a vantagem do bitcoin é que, ao contrário de moedas fiat, ele não desvaloriza e não inflaciona, o valor dele só sobe!

Dãã! É claro que o valor flutua, como o de qualquer ativo negociável que não seja uma bomba relógio em viés de explodir! Lembram do Avestruz Master?

O sentido real dessa frase vem do fato da moeda ser por natureza deflacionária, o que significa que, a longo prazo, se a atividade econômica em torno da moeda aumentar, seu preço só pode subir, porque não tem ninguém com poder para emitir mais BitCoins para compensar o crescimento da economia. Isso se dá por que a moeda foi planejada para ter uma taxa de produção decrescente, ou seja, a quantidade de BitCoins produzidas vai diminuir até parar de ser produzida, e só re-circular o que já existe. Isso não tem nada a ver com as flutuações locais dentro de uma bolsa de valores.

Você mencionou que é difícil mineirar bitcoins. Explique isso melhor.

Só corrobora o que eu falei sobre BitCoin não funcionar como a seção Como as bitcoins (não) funcionam? do artigo original alegar: não é pra qualquer um mineirar. Até o os primeiros hardwares dedicados à mineração de BitCoin começarem a ser entregues, que diminuiriam o consumo de energia em ordens de magnitude, o calor gerado é um efeito colateral indesejado que as pessoas tentam aproveitar.

E em quantas situações energia elétrica não é queimada para simplesmente se produzir calor? Ferro de passar, chuveiro elétrico, forno elétrico e aquecedor de ambiente em locais frios, etc. Claro que para o autor essas situações onde o calor da mineração de BitCoin é aproveitado em lugar de se queimar a mesma quantidade de energia e não produzir nada não passa de chacota. Mas considero montar essas engenhocas um hobby muito mais interessante do que, por exemplo, rebaixar carro, por luz de neon em baixo, um som gigante no porta malas e sair perturbando a paz pela cidade (só para citar um hobby geralmente reprovável).

Mas Sr. Izzy A. Nobre, se isso é uma merda, qual a real utilidade das bitcoins?

BitCoin tem sim seu grande atrativo para atividades ilícitas por ser anônimo. “Quase anonimidade” é uma afirmação meio fraca sem prova ou confirmações de casos em que pessoas são rastreadas através do BitCoin. O usuário pode ter quantas carteiras BitCoin quiser, cada uma com quantos endereços, sem relação um com o outro, quiser. E as carteiras e os endereços podem ser criados à vontade, offline no próprio computador, ninguém tem o controle sobre isso. Daí vem a afirmação que BitCoin é anônimo, porque não tem como ligar com certeza endereços — por onde passam as transações — com a identidade do dono daquele endereço. Olhando para a cadeia de blocos da rede BitCoin (tipo o livro de registro de todas as transações realizadas na moeda) você pode ver o dinheiro indo de endereço para endereço… mas não dá para saber por ali quem controla aquele endereço.

Eventualmente alguns dos seus endereços BitCoin se tornam conhecidos por alguém: se você usar seu endereço em negócios com uma pessoa, ela provavelmente terá alguma informação de contato sua que ela poderá relacionar ao seu endereço. Então ele é rastreável? Teoricamente sim, tão rastreável quanto receber uma nota de troco na padaria e tentar fazer o padeiro lembrar quem deu aquela nota para ele. Simplesmente não é uma abordagem realista, ainda mais se a quantia tiver passado por várias transações antes de levantar a suspeita.

E quanto a “essa porra” ser um “oceano de credibilidade”? Do que se duvida do BitCoin? Se for da sua robustez como moeda de troca, tem toda uma economia (ilícita) bem estabelecida e dependente do BitCoin, de modo que demanda por ele não vai faltar, garantindo sua liquidez. Se for da sua anonimidade e conveniência: bandidos usam sem medo de serem pegos. Que garantia maior você poderia querer? Eu não vejo como é possível o fato de o BitCoin ser o instrumento de negociação escolhido por criminosos cautelosos ser de alguma forma indicativo de sua fragilidade.

Quanto a negócios legítimos que aceitam BitCoin, dá uma checada nessa página: https://en.bitcoin.it/wiki/Trade. Em particular, compro jogos com BitCoins aqui: JJGames.com. Fora isso, se você for um especulador ou minerado que ganhou algum dinheiro com BitCoin, você pode simplesmente trocá-lo por outra moeda em algum dos sites de câmbio de BitCoins existentes, o único brasileiro não é lá muito ativo: Mercado Bitcoin. O tal valor “virtual” do BitCoin é tão “virtual” quanto o valor de ações da Bovespa, com a diferença que você não precisa de esperar o horário de pregão para vender — funciona direto, inclusive nos finais de semana.

E baseado na afirmação:

“bitcoins e seus entusiastas residem na mágica intersecção de

  • pessoas que não entendem o mercado financeiro,
  • pessoas que não entendem investimentos, e
  • pessoas que não entendem matemática.”

concluo que se as pessoas que fizeram e ainda fazem o BitCoin entendessem tanto de mercado financeiro, investimentos e matemática quando o Sr. Izzy A. Nobre, ele com absoluta certeza não existiria…

Diablo 3 Real Damage Per Second Calculator

May 19, 2012

I have created an application that calculates the (real) DPS of weapons in Diablo III, whether single or dual wielding. Quoting the description:

Choose your weapons wisely and know how much damage you truly deliver in Diablo 3!

Good old days when bigger was better is gone! In Blizzard™’s Diablo III™, except for the most simple and non-magical weapons, the DPS (Damage per Second) reported can be misleading, because it does not take into consideration the extra magical damage an weapon may deliver. If not enough, things really gets wild when dual wielding, when you can deliver less damage than with a single weapon if you don’t carefully consider the specs of both weapons.
Tired of switching from desktop to game in order to use PC calculator to get the right DPS? Tired of building all the complicated formulas in your cell phone calculator, while your NPC companion complains you are wasting his time, just to know if using two axes is better than a single dagger? Have you never bothered knowing your DPS because it was too complicated?
If so, this application is for you! You will still need to type the values into your cell phone, but from the bare values it will magically deliver the true DPS you waste upon your foes!
You will have to input: base damage, extra magical damage and speed, for a single weapon or for two weapons, and the calculator will display your true DPS with that choice of weapons.
Please notice that this application was not made by Blizzard, and the formulas used within were devised from the gameplay itself.

Buy it from here: https://play.google.com/store/apps/details?id=com.fractalgames

The source code is available here: https://www.gitorious.org/d3dpscalc. Please don’t compile it yourself then submit it to Google Play for free, because I don’t know how to sue you if you do…

Closed Timelike Curve

May 4, 2011

The Cost of Free Software

October 6, 2010

So you have heard of free software? The kind of software you can download and use for free, like Linux and Firefox… Well, maybe you even heard that the software is free not because of its price (or lack of it), but because of the freedoms they allow, that is why some call them Software Libre, libre as in liberty.

If so, then have you ever thought about the cost of free software? I am not talking about price, the fee you pay to get your hands on a copy, I am talking about cost: the resources consumed so that software could be built. From resources it is easy to think about money, because it is the most generic form of resource invented in our society. Closely tied to money, there is another, most precious, resource: time. I dare to say that time is much more precious than money, because with time you can make money, so working for some hours is worth some dollars, but the inverse is not always the true. With money you can speed-up the building of a bridge, but there is a limit on how much this speed-up can be achieved with money, and with exponentially more money you can only speed-up the building linearly, saving you much less time than the money you spent. This is not the worst case: no money at all can bring back the weekend you missed far from your family while working for money, thus I may say that time is the most precious resource available.

So, what does it take to build free software? Well, pretty much what takes to build any software. First, it requires highly specialized professionals, that takes years to train in a painful process full of math, super complicated codes, languages and stunning logical puzzles. Well, it is so from the standpoint of most people, i.e. it is not so painful for the software developers, because they like it. The fact the developers like to be developers does not change the fact that it is not everybody that can stand their training, making these professionals a rare resource by themselves.

Secondly, it requires time. Only someone who has seen ten thousand lines of source code can have a glimpse of how complicated and time-consuming it is to build a software. It is a manual art, with each line of code requiring attention and care. I compare programming to any craftsmanship, like carpentry or masonry, that can take very big proportions, depending of the software being built. An average software takes pretty much the same numbers of workers and the same time to be built as an average building. The care needed in laying each brick manually is the same care needed to write each line of code. Give not the needed care, and we have bad buildings and bad software, if at all.

Summing up the time and work needed to build a software, we end up with very expensive products. Buildings have another cost software usually does not have: the materials (the cost of a computer is irrelevant if compared to the cost of the programmers), but on the other way, given the social injustice and the complexity involved in programming, it is far more easy to find qualified construction workers than qualified programmers. Since some nature law states that what is rarer is more expensive, getting workers for a software is very expensive.

That brings the question: if it is so expensive, where do the resources needed for developing free software come from, since I do not pay for it? For large and important free software projects, it is easy to answer: Linux is base for dozens of other system and products of very large corporations, so they pay full-time developers to work exclusively on Linux. Java is a core technology inside Oracle’s business model, so most of the effort in improving Java comes from them. This development model is the so-called Open Source, where the costs of developing a software is shared among business and individuals interested in it, by making and maintaining that software free.

Now we must not forget the force of great importance pushing forward the free software, the same force that made Linux prominent: the individuals. We would not have free software as we do today if it were not for the contribution of uncountable individual programmers, who spent their spare time working for no money in software, just for the fun of doing so. Many of these programmers are not concerned about ideology or economics of free software, and they do not develop free software for anyone but themselves. Even those individuals programmers need to eat, so many of them have full-time jobs, completely unrelated to their work on free software, that they use to pay the bills. As a hobby, they create free software.

These schemes of funding, both the corporate and individual, brings a disadvantage to free software in general: it is too developer-centric. In one side, we have corporate creating consumer goods using free software, being theses goods themselves not free, so there is no interest at all in making the free software friendly for the general public. In the other side, we have individual programmers developing for themselves, what, obviously, will not result in friendly software as well. As general rule, free software is not friendly for non-computer geeks. Some people try to overcome this limitation, like Canonical with Ubuntu. Although successful, it is not as successful as we would like it to be. Others truly were able to overcome this limitation, like Mozilla Foundation with Firefox. How? If you ask me, I would say that it is because that their founding is directly tied with the number of users of Firefox, using Google services through it, giving Mozilla some revenue.

So, the funding scheme of free software leaves it with a fundamental flaw, a flaw that disable us of gaining critical mass: end-users have no voice. Free software is not created for them, and if they do not want to use it, fine, go pay for Windows. To overcome this flaw, we could try to involve the end-user into the development process, and Ubuntu was able to do it at some extent, but it is a painful process, too. Since end-user has very little to contribute in practice to the development of the software, there is no incentive for them to take part in it, nor to the technical community to welcome them.

How to solve this problem? How can a non-programmer users be made an active and important part of the free software development process, as they are in non-free software? Well, I am not completely sure, but I have some ideas. Me and some friends are working on it, so far it is called Project Alvarium, and we hope to deliver something some day, preferably soon…

Another View on Playstation Jailbreak

September 8, 2010

Someone may remember when, years ago, I was telling everybody that Sony had created the greatest anti-piracy feature for Playstation 3 that ever existed in video-game. Don’t let them fool you saying it was strong cryptography and high-tech ultra “security”. No, none of this, nor any other tight control feature, never stopped hackers. What I believed that always has been the anti-piracy measure of PS3 was called “OtherOS”.

A hacker does not spend a great amount of resources working over a cryptography puzzle just to play free games. Being able to play free games is merely a consequence of his work — a consequence that usually gets all the fame. No, a hacker does that because he wants to dive into the machine, he wants to use it for whatever he wants, he wants to break the chains of the imposed authoritarian control. Nothing is more provocative than hardware fortress that, as they say, no one could enter. Unless…

Sony tells them: “Here is the machine. An incredibly powerful one, I must say. I just don’t want you to play free games on it. Besides that, you can use it for whatever you want. Thus, the OtherOS for you.” It does not matter it is crappy and inconvenient to use, that it is limited, that you can not use the GPU, that you have one less SPU. All that matters is that it is there, and you can use whenever you want. Why bother cracking it, when they already officially provided us with so much control, so much room to run around with our chains?

One may never really use it. I tried to program the SPU myself once, and barely got it working when I gave up. I must say, it never mattered most than the day they forced me into “up”grading my system to remove my OtherOS. They could not be serious… would they dare to remove that crappy functionality that was never useful to me, but that I cared so much? Well, they did. And that is the whole point. We lost the little control, the glimpse of freedom, we had. We could not withstand it.

On April, update 3.21, OtherOS was removed. On August, a USB device called PS Jailbreak is confirmed to totally own the PS3 fortress, by just plugging it. On September, after six months, the exploit that allowed PS Jailbreak to work was patched by update 3.42. Do you really think this is a coincidence? Do you think it will stop?

Update: It seems I am not the only one to think like this, see the videos of this talk in Berlin:
http://psgroove.com/content.php?581-Sony-s-PS3-Security-is-Epic-Fail-Videos-Within

Planned Obsolescence and Linux — A Real Case

June 30, 2010

Today I had to repair my sister’s PC. After more than 5 years, its internal clock battery ran out and needed to be replaced. Looking at it now, it made me consider: why do most people would want (or need) a computer better than that?

From observation and interview, I found that this how my sister uses her computer: chatting in MSN Messenger, reading emails, web-browsing, social-networking, viewing photos, watching You Tube videos, storing photos from her camera, listening to music, video-chatting with Skype, reading and writing USB sticks and occasionally doing some homework with OpenOffice. To complement that, she could also sporadically use it to watch a DVD.

In the interview, I asked what she thinks about the speed of her computer. She said there is nothing remarkable about it. Compared to my laptop (not one year old), she says it is a little slower. I asked how much, in numbers, and she said: “about 10%”. When I was leaving, she gave me a bonus info: “the slowest is my father’s laptop on Windows”. That is the only computer in house with Windows, it has 1 GB of RAM and a dual processor AMD Turion X2, the first 64 bits in the house, bought in 2007.

Her computer is an AMD Sempron 2200+, with the bizarre RAM count of 640 MB. It dates from 2004 and until today suits all her needs. Some parts were replaced later, and it has an 80GB SATA hard disk, and a 15” LCD wide-screen monitor, but the main internal parts are the same. The cooling fan is hang on green yarn because the old fan was destroyed by dust and the new one is too big to match the screw holes.

As you can see, it can not be considered to be in its best conditions, but it is working very well. Also, I can not say its average failure rate is greater than a new computer, after all, fans are often the first part to be replaced. Fact is, most computers do not get old enough to have its internal parts replaced. These parts do not age fast enough so to age faster than the software they run, what demands the whole computer to be replaced.

This old computer had Microsoft Windows XP installed until 2 years ago, and no new Microsoft product could fit comfortably in it, due its low amount of memory for those days standards. One day it stopped working due to natural Windows worn out, a fact Windows users are familiar with, and believes to be normal, that requires periodical system reinstall. That time I did not reinstall Windows. Instead, I installed Ubuntu 8.04. Since that time, it had no more viruses and the performance did not start to decrease with time. It got through 3 on-line system wide upgrades and is now running Ubuntu 9.10.

As many already knows, Ubuntu is a zero-cost free-as-in-freedom open source and easy to use flavor of GNU/Linux operating system. It came by default with all the software my sister needed to perform the aforementioned tasks, and much more is available on-line. Everything free as in beer, most of them free as in freedom. She can click on every virus and bad site links she wants without getting infected. As long as she does not type her personal info in the bad sites, she is safe.

Then I had, inside home, the best illustration on how Windows and many proprietary software contribute to early obsolescence of computer hardware. None of newer versions of Windows can run in my sister’s computer. Newer Windows uses at least 15 GB of disk, while Ubuntu fits into a CD and installed uses no more than 5 GB, counting the default applications, that includes an office package. This size can increase if install too many programs, but you do not count applications as part of the system, do you?

There are some tasks, like gaming and playing HD movies that do require newer hardware, but that old hardware is perfectly capable of performing any task most of the people need. The only need for a bigger hardware is to run new Windows and its accompanying must-have anti-virus. The tasks people actually perform in their computers are irrelevant to the hardware, compared to the bogus operating systems over it. See, it is not the nature of computers to slowdown over time. They should keep the same speed while the usage pattern of the user is the same. Also, for a set of functionality available in a software, it’s newer versions must perform at least as well for this same set. This means that there is no acceptable reason for newer Excel to need more resources than the older Excel if you will use them in the same way.

The practice to make things seems older without they actually being old is called planned obsolescence, and it is a disgusting practice in view of sustainability, not to mention human quality of life. My sister’s keyboard is horribly dirty. It would take me about 2 hours to clean in completely. Considering a new keyboard costs less than 10 dollars and my specialised work hour may cost more than that, it is more worthy to buy a new keyboard. But I will not do that. I prefer to clean my keyboard, as new ones are only cheap because there are semi-slave workers in China building them for less than 10 dollars a month.

Why I Prefer GPL

June 28, 2010

A few days ago a discussion started on the MSL-TM mailing list about how we choose the license to use on Castaneum, a software project we are developing (at least, we should be developing).

The MSL-TM is a regional group (from Triângulo Mineiro) of people interested in the using and spreading of free software. I like to define free software as any software product that is patrimony of humanity, thus, every human being has the same rights over it. This is my definition, but there are many definitions of it, seen by many different perspective. The definition regarded as the official is the one given by the Free Software Foundation (FSF), the ones who created the term.

Castaneum is a software system aimed to ease control over who uses the computers from university’s library, that we, from MSL-TM, are developing as an effort to remove, or at least lessen, the use of Microsoft Windows in campus, what, I must say, at least 90% is pirated. I heard from the Data Processing Director himself that the university is overwhelmed by Windows viruses, and our highly restrictive firewall is to refrain the spreading of those viruses to the Internet.

I do not know who first choose to license the project under the GNU General Public License (GPL), but I do know that was me who confirmed this choice, when I submitted the first bit of code into the source code repository, and replaced the notice that said we would be using GPL with the license text itself. Some members of the group where not satisfied with the choice, what started the aforementioned discussion.

To summarize the problem (and those who are familiar with free software may be have heard about it), GPL was not free enough. Every written software is property of its author, due to the copyright law, existing in every country I know. For a software to be free, the author must grant some of its rights to everybody who can get the hands on the software, and the ordinary method of doing so is distributing the software under preëxisting free software license. The problem of GPL, a free software license written by the FSF, is that it prevents anyone who gets the software to changes the terms of how it can be distributed. For instance, if I get a software product and create some other software by modifying the original, what is perfectly OK, since it is free, I can only sell my resulting software under the same GPL terms I got the original. It would actually make my new software free, like the one I got. This kind of restriction is ironically called copyleft: while copyright restricts copying, copyleft ensures possibility of copying.

The voices against GPL says that it is a viral license, because every free software that derives something from a GPL’d software must become GPL’d, so it spread like a virus. These people usually prefer licenses like BSD-style and MIT-style. These free software licenses are much smaller and simple than GPL, and have the important distinction of allowing a software distributed under it to be licensed by another person under other license, provided that their little restrictions are met. The big and relevant practical effect is that one (lets say, Apple) may take a free software (lets say, FreeBSD), change it into something else (lets say, MacOS X) and sell it under its own restrictions, disallowing anyone to have the same rights one had when got the original free software. This practice is known as “closing” the software, what is not a very fortunate choice of words.

So far we have: use BSD if you do not mind having your software “closed” and sold by others. Use GPL if you do not want any “restrictive” software product to be derived from your own software. This later is often misinterpreted. Many do think that GPL will refrain others from selling a software, what is very wrong. Anyone can sell GPL’d software, provided that it continues to be GPL’d. The confusion is justifiable since the prevailing business model of software industry requires that, if a software is sold, the buying part is prohibited to copy and redistribute it. Otherwise, it would make no sense selling it at high prices when anyone could get a legal copy from someone who have bought it before. Obviously, GPL’d software is unsuitable to this business model, because it allows the buyer to redistribute the software freely.

BSD and less restrictive licenses are often used in free software projects supported and developed by big corporations, like Google’s Chromium, that is behind Chrome, Apple’s Darwin, that is behind MacOS X. It would allow them to benefit from the free workforce that can develop around a open source project — as described in The Cathedral and the Bazaar book — while giving them the possibility to use it in it’s own non-free products. The term open source can be regarded as the best methodology available on developing free software.

We can put the matter in another perspective: do you believe non-free software is immoral? If so, use GPL, otherwise, use BSD. This question may sound absurd for people outside free and open source community. One may say: “of course it is moral, it is perfectly legal under copyright law”. If so, I may fell tempted to question the morality of this law in regarding of software, and I am not the only one to do so.

I will not get into details on how copyright law got perverted in regard to artistic works, what somehow motivated the creation of Pirate Party and linked Creative Commons and free culture to free software. I will attain to utilitarian software, what every software, besides games, are.

It was a very dirty trick to fit software into the old copyright law, created to protect the rights of artists over their books, plays, paintings and music. The purpose of the law was to give incentive to authors of such artistic and cultural works to create more. Imagine you are a book writer, if anyone could publish your book without paying you anything, you would feel very bad, and would need another job in order to live, so you would write much less than you would if you could earn money by writing.

While the similarities between software and artistic works were taken into consideration when they decided to include software in that law, namely, that they are easy and cheap to copy, but hard and expensive to create, they left outside one difference of most importance. People consume artwork because they want, but consume software because they need.

From an economic point of view, no one systematically order general artwork, like books, from artists, but people do consume them when they are done. On the other hand, people systematically order software from software makers, in a way that is enough to refrain a programmer from starving. Copyright law has little use in this scenario. Actually, most of the small software companies do survive by creating specific programs for specific clients, and selling software in boxes are distant realities.

From a more human point of view, suppose you are a programmer and created a software that is useful for you. Your neighbour asks you to have it, and costs you nothing to give it to him. Would you give? I am pretty sure most of the people would simply give away. Some may say it is part of human nature: if it costs nothing to help, we simply help. Imagine you have a lit candle, and someone besides you have an unlit candle, would you lit his candle for free?

This simple and intuitive concept is reversed in the corporate “software-in-a-box” business model, where already created software, which has cost virtually zero to reproduce, is sold by obscenely high price compared to its reproduction cost. Why is it so? Why our organizations do such things while individuals tend behave in the opposite direction? Everybody knows that corporations do not abide to morals, but instead to profit. While it is permitted by law and by consumers to do immoral lucrative deeds, they will do. And you can hardly imagine how lucrative, compared to the costs, can be to sell a box containing a copy of a software. It is so lucrative that Microsoft employees need to stop playing golf in the corridors when the money for replacing broken windows is over (and I heard this from a Microsoft employee). It makes me wonder: how many times more rich than the second richest man Bill Gates would be if everyone who uses a pirated copy of Microsoft Office paid what is due to him?

This is the reason I prefer GPL over less restrictive licenses, because the only good reason to choose BSD in place of GPL is to endorse a business model I believe to be immoral. But it is idealistic and unpractical to attain too firmly to this resolution. In an ideal world, every software should be free, thus copyright, if existed, should not apply to software. But we have copyright for software, and now days, to believe software should be free is much more weird than to believe software should not be. It can be very difficult to convince someone that free software actually works until he or she sees, with their own eyes, that it works.

Since the development model of free software relies on external contribution from the parties interested in the software, it may be preferable, in some cases, to have the software distributed in less restrictive licenses. A software under BSD license would give some guarantees to a potential contributor, who would not be afraid of investing in it, as the software could be at any time incorporated the his old business model. Even if the contributor has no plans of “closing” the software, he feels much more incline in helping if there is this possibility.

I would say that our economy is not “psychologically” ready to embrace the idea that, once the software is given to people, it can not be brought back into chains.

On the Copying of Ideas

June 23, 2010

David Lewis Photo

David Lewis


While revisiting the article “The Paradoxes of Time Travel“, 1975, from David Kellogg Lewis, I noticed — for my surprise — how much my earlier post relates to the introductory ideas of the article. I clearly copied some ideas from him, although I was not fully aware of that while writing. There is a clear relation between the concept of personal time, from Lewis’ article, and the time perception, from my own. Also, the sole motivation for defining the idea of travel to past of future is from that article, where the concept is mentioned, although Lewis classify it as a travel to past.

Judging from now, the classification I presented — mainly the idea of continuous time travel — was deeply influenced by that article. What I did was to generalize the idea of “personal time” to the something more related to Einstein’s relativity, so it would be more close to what I understand of differences in time passing rate (and what I believe most people understand of the subject, if they understand anything at all). Thus, I could, for some kinds of time travel, argue about its physical feasibility.

Anyway, before writing the post, I did not get to the end of Lewis’ article. I told a friend I was thinking on classifying time travels and its paradoxes, and he gave me this article, from a contemporary philosopher. I started reading it, but could not resist the urge of starting my own article, so abandoned it in the middle. There it gets weird, because if I copied so much from him, I should at least have remembered when I read the article again (this time, the whole of it), but instead, the fact surprised me.

Another source of surprise is the idea of cause-effect loop, that I illustrated with a story featuring Jules Verne, and believe to be a pretty much original idea. Poor spirit of mine… don’t I know everything I dare to imagine was already imagined a thousand times before? The same idea was already in that same Lewis’ article, illustrated by the story of a time traveler who told his former self how to build the time machine, but in the part I did not read until after publishing my story.

Sure, my version of it is not very original, but was developed from a Mickey and Goofy comic book I’ve read more than ten years ago, where they travel to past and meet Jules Verne. But I only understood how serious was the matter when I found out about the closed timelike curves, and their potential effect on causality.

Lastly, I want to say that I am writing this because, after finding that Lewis’ article inspired me so much, I felt guilty of not giving proper credit. I also felt really sorry when I found he died in 2001 from health problems, so I can’t bother him with mails telling of my disagreement on his views of time paradoxes.