Charlie Stross: May 2011 Archives

Oh dear fucking Cthulhu, this is like something out of a John Brunner novel: NewsTweak.

TL;DR version: it's a plug computer like SheevaPlug or PogoPlug ... or the rather less benign PlugBot. It runs Linux and has wifi and a bunch of preconfigured software to do interesting things on whatever wifi network it finds itself on. You'll notice it has an extra mains socket on the front, so that it looks like a rather clunky surge suppressor or similar adapter.

In the case of NewsTweak, it uses ARP spoofing to change the text displayed on certain web sites. In the demo video (see that link at the top?) we see NewsTweak changing a headline on the BBC News website. Note that it's not messing with the HTTP transaction, it's doing this at a lower level by injecting ethernet packets into the stream going to the machines running the web browsers.

Next step: they'll add a 3G or 4G phone stage so that it can maintain its own back-channel to Black Hat HQ to receive updated instructions in real time. For example, to look for someone logging onto a banking site or a business application or a government database, and then modify what they can see. Or modify what they can't see, so that an HTML login form pointing at a government server might be silently redirected to a hacker's machine instead, which is running a proxy pointing at the real government server (to enable the hackers to grab the login credentials — a classic man in the middle attack, and the reason why Serious People use two-factor authentication instead of passwords, not that it would help much for this particular session).

Smart organizations (and government departments) treat any wireless network as untrusted for exactly this reason: someone can have added an inconspicuous wall-wart loaded with penetration tools to your network, and it could be listening in on everything your users type.

Moral of story: if you can't see the wires you can't trust the channel.

Secondary thought:

I have a new book. At least, I have a new book en français. My Hugo-winning novella Palimpsest is published in French translation on Wednesday by Nouveaux Millen, and I just thought I ought to share the wonderful cover they've commissioned for it with you. Early review here.

Meanwhile, if you're Anglophone and feeling left out, don't worry: you can find Palimpsest in my collection Wireless, and if you're feeling a big dose of cover envy, Subterranean Press are publishing a standalone signed, limited edition in August (available from Amazon, or direct from the publisher).

And here's the J. K. Potter cover illo:

The British government has cunningly passed legislation (to comply with an EU privacy directive) which effectively makes most uses of browser cookies illegal without the user's explicit prior consent.

Going by this article, I think this website is one of the rare legal ones. (The Information Commissioner's actual instructions on cookies are either unreadable without some piece of Billyware I don't have, or their web server is b0rked.) I don't use web analytics or tracking cookies, I don't run a store, and I don't sell ads — the three commonest sources of intrusive cookies. You may get a cookie from this blog, if you check the "Remember personal info?" box when you comment, or if you log in — in either case, you asked for it yourself. (How else did you think the blog was going to remember who you are?) You may also get a couple of cookies if you are one of the blog administrators or comment moderators: again, to save you from logging in every time you reload a form.

I'll be making another more detailed check soon (I've got until May 2012 to be in full compliance, apparently). But for now, let me know if you notice any unexpected cookies coming from this site. (There shouldn't be any.)

You've probably seen this news report in The Guardian already, but just to forestall sixty thousand of you from emailing me about it:

Labour camp detainees endure hard labour by day, online 'gold farming' by night

As a prisoner at the Jixi labour camp, Liu Dali would slog through tough days breaking rocks and digging trenches in the open cast coalmines of north-east China. By night, he would slay demons, battle goblins and cast spells.

Liu says he was one of scores of prisoners forced to play online games to build up credits that prison guards would then trade for real money. The 54-year-old ... reckons the operation was even more lucrative than the physical labour that prisoners were also forced to do.

"Prison bosses made more money forcing inmates to play games than they do forcing people to do manual labour," Liu told the Guardian. "There were 300 prisoners forced to play games. We worked 12-hour shifts in the camp. I heard them say they could earn 5,000-6,000rmb [£470-570] a day. We didn't see any of the money. The computers were never turned off."

(More interesting stuff if you follow the link at the top. Go read.)

If there's a crack-down on gold farming in prison camps, I expect to see reports of the work being out-sourced to other countries with less savoury regimes: Burma and North Korea spring to mind. However, the bandwidth there is poor; if Greece or Portugal really do flake out of the Euro zone and suffer a consequential currency collapse, look for the gold farming to move to the depressed underbelly of Europe, where the packet latency to Blizzard's servers will be lower.

(I'm still boggling about the idea of being forced to play computer games in a prison labour camp. Although I'd like to point out that being forcibly deprived of sleep after working 12 hour hard labour shifts would be enough to take the pleasure out of any activity, however enjoyable it would normally be.)

There are two types of book review that matter: the ones in the trade press that come out a couple of months before the book (and on the basis of which bookstore buyers decide how many to pre-order), and the ones in the regular press that readers see, usually coinciding with or following publication, and which lead readers to decide whether to buy a copy.

"Rule 34" isn't out for another (mumble) seven weeks, but the trade press reviews are showing up ...

Here's Publishers Weekly, who say:

"Hugo winner Stross blends plausible near-future SF and crime in this brisk sequel to 2007's Halting State ... each section builds on the others, making the whole more than the sum of its parts."

And it gets a starred write-up in Kirkus Book Reviews:

"Another detective joins the celebrated ranks of Edinburgh's finest, this one with Stross' distinctive science-fictional twist ... Dazzling, chilling and brilliant."

ALA's Booklist (subscription only) says

"The plot, with its all-too-likely extrapolation of cybercrime, is both a good read and a warning."

That's not all they say, but if you want to read more you can click on the links. (Except for Booklist, unfortunately.)

Finally, Chris Brookmyre said:

"Rule 34 is the most densely textured, pungent and tangibly convincing depiction of our cyber near-future since Neal Stephenson's Snow Crash. It is also very, very funny in a way that is quite exquisitely wrong."

(And if you don't know who he is, you're missing out on one of Scotland's national treasures.)

Rule 34 of the Internet states, "If it exists, there is porn of it. No exceptions."

And now there's a novel. Due out on July 5th in the USA in hardcover and Kindle from Ace, and on July 7th in the UK in a trade paperback from Orbit.

(Note about ebook editions: The US Kindle ebook will be available on the day of hardcover publication in the US. There will be a Kindle edition in the UK but there's a hangup between the Orbit and Amazon databases: it should be fixed shortly and I'll update this entry with a link to the UK Kindle edition when I get it. Also note: I'm seeing $15.76 on Amazon.com for the US hardcover, and $12.99 for the Kindle edition. But some folks report seeing $18.61 for the Kindle edition. Amazon are known to do differential pricing — showing different publishers different prices; if you get the silly price complain to Amazon, not me.)

Oh, and I have some book covers for you:

Which do you think is the British (Orbit) cover, and which is the American (Ace) cover?

Ah, retrofuturism.

The Henry Ford Museum is, alas, nowhere I'm likely to visit any time soon, but they appear to have a cracking permanent exhibition: the one surviving example of R. Buckminster Fuller's legendary Dymaxion House. (Note: Dymaxion is a portmanteau word Fuller used for a lot of his projects — the car, the house, and so on. Oddly, he didn't use it for the geodesic domes with which he is associated.)

Fuller is a fascinating figure, and well worth the study hours for any would-be futurist. TL;DR: he was fascinated with design from an early age, studied architecture, and in the early 1930s had a pivotal life experience and decided to devote the rest of his life to trying to improve the lot of humanity. This he did by way of a number of really interesting design failures, finally culminating in his wildly successful geodesic domes. Along the way, the Dymaxion House was probably the most fascinating of his failures, because it was nothing short of an attempt to revolutionize how we live.

Modernist architects of the 20th century generally designed two types of house: those for rich architects and other members of the upper classes to enjoy, and grimly regimented concrete cookie-cutter apartment blocks for factory workers. Fuller's approach to housing was cookie-cutter-esque, insofar as he planned to mass-produce Dymaxion Houses on converted B-29 Superfortress production lines after the second world war, and ship them to their owners in freight containers, but as far as I know it was radically different in conception, purpose, and design from any of the other modular homes of the period. For one thing, he was interested in portability and nomadism; while a concrete foundation with utility connections was necessary, Fuller's idea of moving house was that you could pack your house down into a container that would fit on a truck, drive it to your new neighbourhood, and deploy it again — the design influences of the traditional Mongolian yurt should be obvious. The Dymaxion House used aluminium sheeting for floors and structures, suspended by wires from a central steel structural shaft: saving weight was a priority. As he famously asked an architect on one occasion, "why are your houses so heavy?"

For another thing, he took an early interest in minimizing the human impact on the environment. The Dymaxion House had passive air temperature control and a pressure-triggered roof vent to survive near-misses from tornados (by releasing over-pressure inside the building so that it didn't rupture). It had a then-unique mist-spray shower and a grey-water system to reduce water usage; Fuller was also interested in non-flush toilets.

Finally, it was intended to be mass produced for $6,500 per house in 1946 money — the cost of a high-end automobile — with a design life of 30-50 years. Early development was funded by the Pentagon, for reasons that should be obvious: WWII generated unprecedented demand for accommodation on bases overseas and, later, demand for housing in war-ravaged regions.

The story of why we aren't all living in Dymaxion houses today is a convoluted epic of business failure (for one thing, starting up a production line for houses using cutting-edge aerospace technology was something that had never been done before; for another, Bucky's business sense was not, sadly, as good as his design sense) that has been recounted in numerous biographies. What interests me about it is that it's a far more humane approach to the problem of providing housing for the masses than his Brutalist contemporaries, whose designs tended to be fixed, immovable, made cheaply out of low-end materials, and built with high density mass housing in mind rather than low impact customizability. It was also way ahead of the field in terms of awareness of environmental constraints; while we could design better today, we'd be making incremental tweaks, whereas Bucky came up with the original idea of modular, lightweight, mobile low-impact housing ab initio.

Unfortunately, Fuller's attempts at revolutionizing the housing market collapsed in bankruptcy and ignominy; all we're left with today is the restored prototype in the Henry Ford Museum. Meanwhile, our houses are mostly the same boring rectangular permanent structures they've always been, whether made of brick-clad cinder blocks capped by tiled roofs or of balloon-skin timber and plasterboard. They're not light, they're not relocatable, they're not easily customizable (beyond the cosmetic level), they're expensive, and they're murderously hard to retrofit to meet new lifestyles.

So it's with some interest that I note recent progress on using 3D printer technology to print buildings — or rather, complete complex concrete structures on site (such as, oh, foundation and utility supply plinths for modular houses). And I'm beginning to wonder if this presages a new upsurge of interest in innovative housing technology.

You probably already saw this, but my hat's off to Fabrice Bellard for his stunning demo of a 486 emulator running in Javascript (technical notes here). If you've reading this in Firefox or Chrome, click here to run Linux inside your browser. (Alas, Safari/Webkit doesn't currently support W3C typed arrays, so it won't run on the iPad. Shame, that. The idea of being able to write novels using vi and MarkDown inside a browser window on a platform that doesn't officially support that stuff had a certain appeal.)

The next step, for added fun and hijinks, will be to run user-mode Linux inside a browser-hosted emulation environment. Preferably on a wrist-watch.

If this report is true, then:

a) Reactor 1 at Fukushima Daiichi melted down within sixteen hours of the quake (about eight hours after all active cooling was lost),

b) TEPCO management knew about it,

c) The press were systematically nobbled (an early report of the meltdown was withdrawn),

d) Going by his rather extraordinary remarks during the subsequent weeks, the Prime Minister, and presumably the rest of the Japanese government, were systematically misled by TEPCO.

I'm taking this report with a pinch of salt for the time being, because the IAEA reports on FD #1 don't reflect this account, but if the PM wasn't briefed then it would be unsurprising to learn that the IAEA (International Atomic Energy Agency) were also kept in the dark.

(A second reason for taking it with a pinch of salt is that the residual thermal activity after a 450Mw reactor is scrammed is around 1-2% of full power — around 4-8Mw of heat. A BWR contains fuel rods probably totaling on the order of a hundred tons of metal, and some hundreds of tons of water: is the residual activity (sufficient to boil roughly one ton of water per hour) enough to account for a meltdown — which implies raising the temperature of the fuel rods from their operating temperature to over 800 celsius — so soon after shutdown?)

The best case is that this report is false. (And right now I really hope this is the case.)

Worst case: if the report is true, then TEPCO management is so dysfunctional that they thought they could sweep a fricking' complete core collapse meltdown and primary containment breach under the rug. ("Disgust" isn't a strong enough word to describe such conduct, if indeed it's what has been going on. "Wondering when the arrest warrants will be signed" is beginning to get there.)

Just so it's clear what I'm talking about: seeing an elderly reactor undergo a reactor meltdown in the wake of an extraordinary one-in-500-years quake and a tsunami exceeding the worst case projections by 500% is unfortunate. Lying about it for two months afterwards, however, would be criminal. One is a natural disaster, the other is human misfeasance.

Update: Per Atomic Power Review, TEPCO have released a much more thorough report:

TEPCO indicates that even though the core was destroyed about 16 hours after the protective trip (scram) it is still inside the pressure vessel, and has been cooled to some extent by water most of the time. TEPCO also feels that the relatively continuous injection of water has prevented the core from exiting the pressure vessel. At this time, the core is considered adequately cooled to prevent further release, at the very least.

The high temperature seen at the feed nozzle is due to exposed fuel in the core superheating injected cooling water.

TEPCO indicates that damage to the pressure vessel is likely. However, it indicates that damage isn't so severe that the corium could exit. The rationale for this assumption is the grouping of similar temperatures on the lower head and two different parts of the CRDM.

TEPCO also feels that since temperature and pressure in the containment seem to move in step with primary plant changes, there is enough damage to the pressure vessel and/or piping to permit what would appear to be fairly rapid communication between the two. However, TEPCO has backed off from saying that there is a serious large breach of the lower vessel head... instead referring to a number of smaller openings.

Not specifically mentioned, but important... It is also clear that the primary containment is damaged and that injected water has been issuing from the primary system to the containment, and then out of the containment to various locations for a long time.

On the upside:

What is fortunate is that it appears as if the ongoing efforts at the site during that time ensured that the core debris (corium) remained in the pressure vessel, even though the vessel was damaged.

Chernobyl, I feel the need to remind you, was an uncontained criticality excursion followed by an explosion and large-scale graphite fire in which the reactor moderator burned and the core debris not only exited the reactor explosively, but got aerosolized and lofted into the atmosphere in the smoke, and thus spread over thousands of square kilometres. Note the words uncontained and fire: the old Soviet RBMK reactor design contributed to a fundamentally worse accident than a BWR meltdown following site black-out is capable of delivering.

The weirdest thing about my local car boot sale today was that second-hand robots now outnumber record players that can cope with 78rpm disks.

No Roombas, though — they didn't go on sale in the UK until relatively recently and they cost an arm and a leg. It's the fashion-accessory robots that are showing up, in other words.

(In case you were wondering, I picked up a nice pair of speaker stands for the library. That is all.)

This is either black propaganda of the most brilliant sort, or evidence that truth is weirder than Warren Ellis graphic novel.

I've got a bunch of upcoming fixtures.

Firstly, I'll be at Eurocon 2011 in Stockholm, a convention running from June 17th to 19th. Your sometime guest blogger, Elizabeth Bear, is one of the guests of honour; other guests are John-Henri Holmberg, Ian McDonald, and Jukka Halme. Among other things I'll be interviewing Hannu Rajaniemi interviewing me, which should be fun!

In July/August I'll be in the USA — but not at worldcon.

Instead, I'm starting in Seattle (with a week as an instructor at Clarion West). There will be a reading at the University Bookstore — date, time, and details to be arranged. There may be other signings and events. It's still in the planning stage.

I'll be visiting San Francisco next, and will be reading and signing at Borderlands Books on Saturday August 6th (provisionally at 3pm). There may be other readings in the Bay Area between the 1st and 7th — I'm still working on an itinerary — but on August 8th I'm giving a keynote speech at USENIX Security 2011 (working title: "Computer and network security in the medium term: 2061-2561AD").

After that, assuming I'm not pelted off stage with rotten eggs by enraged penetration testers, I will pop up in Portland to do a reading and signing at Powell's on August 12th at 7:30pm at their downtown store on West Burnside Street.

Then I'm flying home rather than proceeding on to Reno for worldcon, because by that time I shall have been on the road for nearly a month, which is too long. The cat's will have forgotten who I am and the cheese at the back of the refrigerator will be campaigning for the vote, if not asking where its old-age pension has gotten to. (Also: I don't gamble, I don't like hot weather, and I'm not mad keen on cities where I can't get around without driving.)

Finally, looking further ahead, I'm pleased to announce that I've accepted invitations to be guest of honour at COSine 2012 in Colorado Springs (January 27th to 29th, 2012), and at Satellite III in Glasgow (February 25th-26th, 2012). (The latter means I almost certainly won't be at Boskone next February — the jet lag would be of epic proportions. But don't worry, Boston, I still love you!)

STS-134 is going to fly with a tank full of baby Euprymna scolopes in its payload.

Time to go home; our work here is done.

(Note: the science20 contributor can't spell "Endeavour", the name of the space shuttle. Which is named after Captain Cook's ship, hence the British spelling.)

I've been feeling dull and low on zing recently, and looking back over the past few months' of blog entries I note that a certain predictability has set in: I'm not playing with ideas enough, there's a certain lack of joy. I've also been having senior moments — poor short term memory, irritability, difficulty concentrating, that kind of thing.

I'm pretty sure I'm not succumbing to mad cow disease: I'm just suffering from chronic exhaustion, because I've had a bad year.

A photographic tour of a former Soviet ICBM launch complex. (Courtesy of EnglishRussia.com.)

The Economist has a report from the International Conference on Advances in Nuclear Power Plants of a plenary session discussing the Fukushima Daiichi accident: it's well worth reading.

The main highlights seem to be:

* The accident wasn't the result of a single disaster, but of two, and arguably three: earthquake, tsunami, and subsequent hydrogen explosions.

* The plant survived the earthquake (which exceeded its design requirements) quite well, and the reactors scrammed correctly. However, scrammed reactors continue to need power to run their cooling systems. The earthquake tore down the cables connecting the plant to the rest of the grid, forcing them onto backup power.

* The tsunami struck 15 minutes later, and was roughly five times higher than the plant had been designed for. A review of disaster preparedness in 2002 recommended raising "the average wave height they needed to be designed to cope with to about double the height of the biggest waves in the historical record" — 5.7 metres, for the FD plant. In the event, the tsunami that struck had 15 metre waves. It washed right over the plant and wrecked the seawater intakes, electrical switchgear, backup generators, and on-site diesel storage.

* The 2002 severe accident review that increased the tsunami wave height estimates recommended installing hardened hydrogen release vents, to prevent a build-up of hydrogen in event of a similar accident. These are standard on American and other reactors, but had not been retrofitted to the FD BWRs. Were such vents fitted, the explosions would not have occurred. (The explosions compounded the difficulty of bringing the plant under control.)

* Despite all this there appears to have been no public health impact due to radiation (stress and fear are another matter), and no plant workers were exposed to more than 250 millisieverts — the raised limit for emergency nuclear responders, equal to five years' regular working exposure, but insufficient to cause a serious health risk.

So: serious accident, yes — but it's no Chernobyl. (Go read the article. It's good.) The main take-away seems to be that, like a plane crash, it takes more than one thing going wrong to cause an accident — in this case, two major natural disasters, each of which exceeded the plant's design spec, occurring within the space of an hour, compounded by failure to implement a safety system that is standard elsewhere. Despite which, they managed to dodge the bullet (for the most part: it's still going to take billions of dollars and several years to clean up the plant).

In case you're unsure why AV is a better electoral system than FPTP ...

Oh, and when evaluating Conservative propaganda against AV, remember, AV is the system the Conservative party uses internally to elect leaders. If it's good enough for them, why is it no good for us?

You know how it works: a car park operator throws open the gates one weekend morning, and for about £8-10 folks can hire a parking space and a paint table and stack it high with whatever stuff is cluttering up their attic, garden hut, or lock-up. Other folks turn up, wander round, and hopefully buy the stuff.

There's one up the road from my flat, and I occasionally go because (if you're a writer) it's an interesting way to get a look inside other people's homes — not what they have today, but what they valued some time ago, and have become willing to shed.

There are, of course, perennials: crates of beach reading bestsellers and self-improvement books, old clothing, baby baths and buggies and bottle sterilizers, and lots of brightly coloured plastic toys. Also antique spoon collections, ornamental brasswork, ancient suitcases, and unopened-but-faded boxes of DIY components such as cheap light fittings.

But I'm interested in the ephemera that changes.

Fifteen years ago (1996), you could find stereo turntables and the odd CD player. Audio cassettes were common but some VHS tapes were available. You could find Atari STFM and Amiga 500 home computers. PCs, where found, were typically 286s running DOS. (Typical age of off-loaded computers was around 5-10 years).

By five years ago (2006), stereo turntables, Amigas and STs had become rare. VHS players and colour TVs were common; PCs were typically tower 486 and pentium boxes running Windows 95 or 98. DVD disks were common but VHS tapes were commoner. Mobile phones were common (typically Nokia GSM models).

Today: laptops — typically Pentium III/IV, Celeron, and anything pre-Core Duo — were common, while desktop/tower PCs had become scarce. VHS tapes were scarce, DVDs predominating. Lots of tube TVs, no LCD or plasma TVs. Phones, weirdly, looked very similar (smartphones don't seem to sell via car boot sales yet). The only VHS players I spotted were oddities such as shop security recorders.

(Digression: I picked up a toy today: a Psion Series 5 PDA, almost spotless, in its original packaging, with manual. I paid about 3% of the original retail tab, back in 1998. This is the granddaddy of every Symbian device that's out there, a tiny and efficient pocket computer based on an ARM processor and powered by two AA cells, like a laptop in miniature. It cost me the price of a new trade paperback and I think I shall install Linux on it, just because I can.)

Anyway. What do you expect to see in car boot sales in 2016? And again, in 2021? And what don't you expect to see? Please explain your reasoning ...